PCSAE Online Practice Questions and Answers
During the regular maintenance of XSOAR a customer noticed that there was an update available for the Active Directory content pack (current version 1.4.6) and updated the content pack to the latest version (version 1.4.11). However, after the update the customer noticed that the Active Directory Query integration is not working properly and asked you to resolve the issue.
Which of the following set of steps can help to resolve the issue?
A. Navigate to Settings View the configured integrations and select Active Directory Authentication Delete all integration instances and add all integration instances again
B. Navigate to Marketplace View the installed content pack and select Active Directory content pack Select version 1.4.6 and click on "Revert to this version"
C. Navigate to Settings View the configured integrations and select Active Directory Query Delete all integration instances and add all integration instances again
D. Navigate to Marketplace View the installed content pack and select Active Directory content pack Click on uninstall content pack Navigate to Marketplace browser and reinstall the Active Directory content pack
What is used to trigger playbooks automatically based on the classification of an incident?
A. Indicator type
B. Incoming mapper
C. Incident types
D. Integration configuration
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users.
Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
A. Open a ticket with the XSOAR support team
B. Create a pull request directly on Github
C. Contribute through the XSOAR UI
D. Send an email to [email protected]
Which three options can be defined in the layout settings? (Choose three.)
A. Set of fields to present
B. Permission to view the tab based on `Users'
C. Permission to view the tab based on `Roles'
D. Delete built-in tabs including the war room
E. Dynamic sections
At what stage during the incident lifecycle is an incident type assigned?
A. Pre-processing
B. Incident creation
C. Classification
D. Playbook execution
Select the correct incident life cycle on XSOAR.
A. Planning > Incident Ingestion > Incident Creation > Mapping and Classification > Pre- processing > Playbook runs > Post-processing
B. Planning > Incident Ingestion > Pre-processing > Incident Creation > Mapping and Classification > Playbook runs > Post-processing
C. Planning > Incident Ingestion > Pre-processing > Mapping and Classification > Incident Creation > Playbook runs > Post-processing
D. Planning > Incident Ingestion > Mapping and Classification > Pre-processing > Incident Creation > Playbook runs > Post-processing
What is the default task type when creating an empty task?
A. Standard (Manual)
B. Conditional
C. Section header
D. Standard (Automated)
An engineer's organization system is registered in the following manner:
created as a separate `User' indicator automatically once a system is found.
What is the most efficient way for the engineer to achieve this?
A. Create a custom indicator field named `username' and link it to the internal system indicator
B. Change the reputation command for the internal system indicator type
C. Create a new indicator type of the internal username and set a formatting script to extract only the username
D. Create a new indicator type of the internal username and have the regex included on any string that has dash at the beginning
Which of the following is a feature of XSOAR automations?
A. can run on multiple docker containers
B. can be set to run on a scheduled basis in the automation settings
C. can be password protected
D. can be written in C++
When creating a new tab in the layout, which section cannot be added?
A. Retrieve widget chart based on script
B. Related incidents
C. War room entries picked by entry query
D. Incident team members