Which two options will troubleshoot an integration's fetch incidents command? (Choose two.)
A. In the instance settings, enable the fetch incidents parameter and wait for one minute
B. Create a one task playbook with a fetch-incident command
C. execute !
D. execute !
To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?
A. 10,080 minutes (7 days)
B. 20,160 minutes (14 days)
C. 21,600 minutes (15 days)
D. 4,320 minutes (3 days)
Which playbook will a job run by default?
A. The playbook assigned to the incident type
B. The playbook assigned to the indicator type
C. The playbook assigned during pre-processing
D. The playbook assigned by the integration
Which configuration is a valid distributed database (DB) implementation?
A. 2 main DBs, 1 application server, 2 node servers
B. 1 main DB, 1 application server, 3 node servers
C. 2 application servers, 1 main DB, 1 node server
D. 1 application server, 2 main DBs, 1 node server
What assigns newly ingested event attributes to incident fields?
A. Playbooks
B. Classification
C. Mapping
D. Layouts
You need to retrieve a list of all malicious hashes over the last 30 days. What is the correct query to use?
A. type:File reputation:Malicious sourcetimestamp:"30 days ago"
B. type:File verdict:Malicious sourcetimestamp:<="30 days ago"
C. type:File reputation:Malicious sourcetimestamp:="30 days ago"
D. type:File verdict:Malicious sourcetimestamp:>="30 days ago"
Which field type provides an interactive and editable display of table-based data?
A. HTML
B. Grid (table)
C. Markdown
D. Multi Select
An engineer's organization system is registered in the following manner:
created as a separate `User' indicator automatically once a system is found.
What is the most efficient way for the engineer to achieve this?
A. Create a custom indicator field named `username' and link it to the internal system indicator
B. Change the reputation command for the internal system indicator type
C. Create a new indicator type of the internal username and set a formatting script to extract only the username
D. Create a new indicator type of the internal username and have the regex included on any string that has dash at the beginning
What does the outgoing mapper support?
A. Mirroring
B. Classification
C. Dynamic fields
D. Pre-processing
What is the correct definition regarding integration parameters and command arguments?
A. Parameters are global variables which means that every command can use these configurable options in order to run. Arguments are shared with other commands and must be present for each command.
B. Parameters are local variables which means that every command can use these configurable options in order to run. Arguments are shared with other commands and must be present for each command.
C. Parameters are local variables which means that every command can use these configurable options in order to run. Arguments are specific to only one command.
D. Parameters are global variables which means that every command can use these configurable options in order to run. Arguments are specific to only one command.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PCSAE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.