Paloalto Networks PCSAE Real Exam Questions
The questions for PCSAE were last updated at Dec 19,2024.
- Exam Code: PCSAE
- Exam Name: Palo Alto Networks Certified Security Automation Engineer
- Certification Provider: Paloalto Networks
- Latest update: Dec 19,2024
Question #11
Which of the following is a prerequisite to editing out-of-the-box (OOTB) content?
- A . Download the content from the Marketplace.
- B . Go to Settings > About >Troubleshooting and set a flag to allow custom content.
- C . Register a user account with support.paloaltonetworks.com .
- D . Detach the content item you want to edit from the Marketplace.
Correct Answer: D
Question #12
Which configuration is a valid distributed database (DB) implementation?
- A . 2 main DBs, 1 application server, 2 node servers
- B . 1 main DB, 1 application server, 3 node servers
- C . 2 application servers, 1 main DB, 1 node server
- D . 1 application server, 2 main DBs, 1 node server
Correct Answer: B
Question #13
An automation returned an output called: csvReport.
What filter would be used to check if the automation returned results?
- A . Contains/Includes
- B . Equals/Matches
- C . In/In list
- D . Is defined/Exist
Correct Answer: D
D
Explanation:
This filter will be used to check if the automation returned results, as it checks to see if the output variable called csvReport is defined and exists. If it is, then the automation returned results.
D
Explanation:
This filter will be used to check if the automation returned results, as it checks to see if the output variable called csvReport is defined and exists. If it is, then the automation returned results.
Question #14
What are inputs and outputs in reference to a Playbook Development Lifecycle? (Choose three.)
- A . Inputs are data pieces that are present in the playbook
- B . Inputs are data pieces that are present in the task
- C . Outputs are used as incident trigger for playbook
- D . Outputs can be derived from the result of a task or command
- E . Inputs are the data fields parsed by the Classifier
Correct Answer: A,B,D
Question #14
What are inputs and outputs in reference to a Playbook Development Lifecycle? (Choose three.)
- A . Inputs are data pieces that are present in the playbook
- B . Inputs are data pieces that are present in the task
- C . Outputs are used as incident trigger for playbook
- D . Outputs can be derived from the result of a task or command
- E . Inputs are the data fields parsed by the Classifier
Correct Answer: A,B,D
Question #16
Which method accesses a field called ‘User Mail’ in a playbook?
- A . ${incident.usermail}
- B . ${incident.User Mail}
- C . ${incident.UserMail}
- D . ${usermail}
Correct Answer: A
Question #17
Where are incident layouts customized?
- A . Settings > Object Setup > Incidents > Layouts
- B . Settings > Integrations > Instance configuration
- C . Settings > Object Setup > Indicators > Layouts
- D . Settings > Advanced > Incident Layouts
Correct Answer: A
A
Explanation:
Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOAR-Administrator-Guide/Customize-Incident-Layouts
A
Explanation:
Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOAR-Administrator-Guide/Customize-Incident-Layouts
Question #18
Which two incident search queries are valid? (Choose two.)
- A . created:>=”7 days”
- B . owner===admin
- C . role is Analyst
- D . status:closed Ccategory:job
Correct Answer: A,D
A,D
Explanation:
Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/cortex-xsoar-overview/how-to-search-in-cortex-xsoar.html
A,D
Explanation:
Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/cortex-xsoar-overview/how-to-search-in-cortex-xsoar.html
Question #19
When mapping incoming data to incident fields, which statement is correct?
- A . Data that is not mapped is placed under labels
- B . Only text fields are classified
- C . Classification cannot be used if mapping is enabled
- D . Every incoming field must be mapped
Correct Answer: A
A
Explanation:
Reference: https://xsoar.pan.dev/docs/incidents/incident-classification-mapping
A
Explanation:
Reference: https://xsoar.pan.dev/docs/incidents/incident-classification-mapping