What filter would be used to check if the automation returned results?
An automation returned an output called: csvReport. What filter would be used to check if the automation returned results?
A. Contains/Includes
B. Equals/Matches
C. In/In list
D. Is defined/Exist
Answer: D
Explanation: This filter will be used to check if the automation returned results, as it checks to see if...
When mapping incoming data to incident fields, which statement is correct?
When mapping incoming data to incident fields, which statement is correct?
A. Data that is not mapped is placed under labels
B. Only text fields are classified
C. Classification cannot be used if mapping is enabled
D. Every incoming field must be mapped
Answer: A
Explanation: Reference: https://xsoar.pan.dev/docs/incidents/incident-classification-mapping
When browsing the Marketplace for new content packs, which details about each pack are you able to view?
When browsing the Marketplace for new content packs, which details about each pack are you able to view?
A. The integration’s source code
B. A summary of each version history
C. A test instance for the content pack
D. The source code of each playbook
Answer: B
In which three locations can an engineer try to find information, when troubleshooting a failed integration instance error produced by the test button? (Choose three.)
In which three locations can an engineer try to find information, when troubleshooting a failed integration instance error produced by the test button? (Choose three.)
A. The audit log
B. The log bundle
C. The source code for an integration
D. The error message returned directly below the button
E. ...
When creating an automation in XSOAR, what is the best way to create a log message?
When creating an automation in XSOAR, what is the best way to create a log message?
A. Using a debug statement
B. Using the demisto.debug() function
C. Using a print statement
D. Using the demisto.results() function
Answer: B
Which built-in automation/command can be used to change an incident’s type?
Which built-in automation/command can be used to change an incident’s type?
A. setIncident
B. Set
C. GetFieldsByIncidentType
D. modifyIncidentFields
Answer: A
Explanation: Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/incidents/incidents-management/incident-fields/field-trigger-scripts.html
What is the default configuration for indicator auto-extraction when incidents are created?
What is the default configuration for indicator auto-extraction when incidents are created?
A. Inline
B. Inband
C. None
D. Out of band
Answer: A
Which field type provides an interactive and editable display of table-based data?
Which field type provides an interactive and editable display of table-based data?
A. HTML
B. Grid (table)
C. Markdown
D. Multi Select
Answer: B
What is the correct query to use?
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
A. -status:closed -category:job type:Phishing created:>="30 days ago"
B. status:closed -category:job & type:Phishing created:>="30 days ago"
C. -status:closed -category:job & type:Phishing created:<="30 days ago"
D. -status:closed...
What is the main concern when adding these commands?
An engineer asked for a specific command in an integration but the capability does not exist. The engineer decided to edit the existing integration by copying the integration and adding the needed commands. What is the main concern when adding these commands?
A. The commands must return a proper result...