XSOAR EDU380 PCSAE Questions And Answers 100% Verified.
0 view 0 purchase
Course
XSOAR EDU380 PCSAE
Institution
XSOAR EDU380 PCSAE
XSOAR EDU380 PCSAE Questions And Answers 100% Verified.
What happens if you configure an integration with inaccurate credentials and click Done? - correct answer. The system creates a new instance of the integration.
How does the context data work? - correct answer. Key-value pair...
XSOAR EDU380 PCSAE Questions And
Answers 100% Verified.
What happens if you configure an integration with inaccurate credentials and click
Done? - correct answer. The system creates a new instance of the integration.
How does the context data work? - correct answer. Key-value pair dictionary
What approach does palo alto recommend for developing a use case? - correct
answer. Begin with the end in mind
Which role is associated with deployment of XSOAR servers and engines with baseline
operational functionality? - correct answer. IT Administrator
What is the first step in the high level flow logic of XSOAR system? - correct answer.
ingestion of event data
What will happen if you click to 'disable' an integration? - correct answer. the
integration and configuration information will be retained
which two types of integrations are installed by default? - correct answer. 1. commonly
used authentication
2. basic communication + system messaging
Which is a potentially 'harmful command'? - correct answer. integration command that
has been flagged as 'potentially harmful'
First step in the playbook development process? - correct answer. Formalize use case
definition
A "standard" task can specify one of which two types of actions? - correct answer. 1.
manual
2. automated
What is the name for a step in an XSOAR playbook? - correct answer. task
,How can live backup help with disaster recovery? - correct answer. Need to manually
trigger the failover (to switch to primary)
How does Legacy Distributed DB work? - correct answer. Has a main DB with
playbooks & incidents;
and has Nodes that are used to distributed to create redundancy
How to optimize Docker? - correct answer. limit available memory & CPUs
limit open file descriptions
Which resource provides baseline, detailed reference information for specific playbooks
and integrations? - correct answer. xsoar.pan.dev
Which is an option for the config of a button that you add to a layout? - correct answer.
script
which config determines the LAYOUT applied to an incident? - correct answer.
Incident type
During which part of the incident lifecycle is an incident assigned an incident type? -
correct answer. classification
how many keys does the classifier editor allow you to use to make mapping decisions? -
correct answer. no more than 1
what object does the system use to store event data that is mapped to XSOAR fields? -
correct answer. context data
Which Cortex XSOAR infrastructure component do you deploy in a protected network to
extend the capabilities of the core server? - correct answer. XSOAR engine
A single multi-tenant system can be configured to support about how many total
tenants? - correct answer. 100
In a DEV-PROD configuration, where does the production server get updates authored
by the Palo Alto Networks? - correct answer. the remote repo specified in the dev-
prod config parameters
What must you do to modify the code for an integration or layout that you have
downloaded from the Marketplace? - correct answer. click to duplicate the integration
When is the basic system config info generated log files in the log bundle? - correct
answer. at the time the log bundle is requested
What is an accurate description of a Docker container? - correct answer. a software
package that has everything needed to run an application
, Where is the default global register for Docker - correct answer. Docker Hub
Which two types of actions can be specified with a "Standard" playbook task? - correct
answer. -manual
-automated
What two privileges are needed to create or customize an incident layout? - correct
answer. 1. Page access privilege for the settings page
2. read/write privilege for investigations
Which three types of content packs can be downloaded from Marketplace? - correct
answer. 1. Playbooks
2. Automations
3. Integrations
Where can the entire history of group interactions involving an attack response be
seen? - correct answer. Cortex XSOAR War Room
Which is the correct search query for "incidents that are not jobs and that are not
closed" - correct answer. -status:closed -category:job
Which three fields are available for querying indicators? - correct answer. 1.
expirationStatus
2. reputation
3. type
How do incidents relate to indicators? - correct answer. Indicators provide context to
incidents
What are two options for how Docker can run a containerized application? - correct
answer. -persistent instance
-as a service
Which two options describe dashboard widgets? - correct answer. 1. a widget's time
frame can be edited
2. a widget's data query can be set
---
3. a widget's display layout CAN be changed
4. a widget's size CAN be set
Where should you go to search for a PDF copy of the Cortex XSOAR Use Case
Definition document? - correct answer. Live Community
Which option describes the trigger of an incident? - correct answer. the action inside
or outside the system that should generate an incident
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller techgrades. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.99. You're not tied to anything after your purchase.
