Within the 12A2 design methodology, which of the following most accurately describes the last step?

Within the 12A2 design methodology, which of the following most accurately describes the last step?A . List of the apps used by the playbook.B . List of the actions of the playbook design.C . List of the outputs of the playbook design.D . List of the data needed to run...

February 14, 2025 No Comments READ MORE +

Which of the following is a best practice for data sharing across playbooks?

A customer wants to design a modular and reusable set of playbooks that all communicate with each other. Which of the following is a best practice for data sharing across playbooks?A . Use the py-postgresq1 module to directly save the data in the Postgres database.B . Cal the child playbooks...

February 13, 2025 No Comments READ MORE +

Which of the following expressions will output debug information to the debug window in the Visual Playbook Editor?

Which of the following expressions will output debug information to the debug window in the Visual Playbook Editor?A . phantom.debug()B . phantom.exception()C . phantom.print ()D . phantom.assert()View AnswerAnswer: A Explanation: The phantom.debug() function is used within Splunk SOAR playbooks to output debug information to the debug window in the Visual...

February 11, 2025 No Comments READ MORE +

Configuring Phantom search to use an external Splunk server provides which of the following benefits?

Configuring Phantom search to use an external Splunk server provides which of the following benefits?A . The ability to run more complex reports on Phantom activities.B . The ability to ingest Splunk notable events into Phantom.C . The ability to automate Splunk searches within Phantom.D . The ability to display...

February 1, 2025 No Comments READ MORE +

What does this indicate?

During a second test of a playbook, a user receives an error that states: 'an empty parameters list was passed to phantom.act()." What does this indicate?A . The container has artifacts not parameters.B . The playbook is using an incorrect container.C . The playbook debugger's scope is set to new.D...

January 29, 2025 No Comments READ MORE +

On a multi-tenant Phantom server, what is the default tenant's ID?

On a multi-tenant Phantom server, what is the default tenant's ID?A . 0B . DefaultC . 1D . *View AnswerAnswer: C Explanation: The correct answer is C because the default tenant’s ID is 1. The tenant ID is a unique identifier for each tenant on a multi-tenant Phantom server. The...

January 27, 2025 No Comments READ MORE +

Which of the following applies to filter blocks?

Which of the following applies to filter blocks?A . Can select which blocks have access to container data.B . Can select assets by tenant, approver, or app.C . Can be used to select data for use by other blocks.D . Can select containers by seventy or status.View AnswerAnswer: C Explanation:...

January 27, 2025 No Comments READ MORE +

Which of the following are the default ports that must be configured on Splunk to allow connections from Phantom?

Which of the following are the default ports that must be configured on Splunk to allow connections from Phantom?A . SplunkWeb (8088), SplunkD (8089), HTTP Collector (8000)B . SplunkWeb (8089), SplunkD (8088), HTTP Collector (8000)C . SplunkWeb (8421), SplunkD (8061), HTTP Collector (8798)D . SplunkWeb (8000), SplunkD (8089), HTTP Collector...

January 24, 2025 No Comments READ MORE +

Which of the following supported approaches enables Phantom to run on a Windows server?

Which of the following supported approaches enables Phantom to run on a Windows server? A. Install the Phantom RPM in a GNU Cygwin implementation. B. Run the Phantom OVA as a cloud instance. C. Install the Phantom RPM file in Windows Subsystem for Linux (WSL). D. Run the Phantom OVA...

January 21, 2025 No Comments READ MORE +

After enabling multi-tenancy, which of the Mowing is the first configuration step?

After enabling multi-tenancy, which of the Mowing is the first configuration step?A . Select the associated tenant artifacts.B . Change the tenant permissions.C . Set default tenant base address.D . Configure the default tenant.View AnswerAnswer: B

July 6, 2022 No Comments READ MORE +