Which of the following is a feature of XSOAR automations?

A. can run on multiple docker containers
B. can be set to run on a scheduled basis in the automation settings
C. can be password protected
D. can be written in C++
Answer: C

February 11, 2024

Which built-in automation/command can be used to change an incident’s type?

A. setIncident
B. Set
C. GetFieldsByIncidentType
D. modifyIncidentFields
Answer: A
Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/incidents/incidents-management/incident-fields/field-trigger-scripts.html

February 11, 2024

How can the engineer achieve this task?

An engineer would like to change an incident’s SLA according to changes in the severity field. How can the engineer achieve this task?
A. Use a field trigger script
B. Use a field display script
C. Create a job that queries for incident severity changes
D. Change the SLA manually every...

February 11, 2024

You can customize most aspects of the incident layout, including which three of the following? (Choose three.)

A. Which users have permissions to view the tabs
B. Which roles have permissions to view the tabs
C. Which dashboard settings are applied
D. The information and how it is displayed
E. ...

February 10, 2024

What is the correct query to use?

You need to retrieve a list of all malicious hashes over the last 30 days. What is the correct query to use?
A. type:File reputation:Malicious sourcetimestamp:"30 days ago"
B. type:File verdict:Malicious sourcetimestamp:<="30 days ago"
C. type:File reputation:Malicious sourcetimestamp:="30 days ago"
D. type:File verdict:Malicious sourcetimestamp:>="30 days ago"
Answer: D

February 10, 2024

In a Cortex XSOAR multi-tenant setup, when content from a development server is pushed to the remote repository, where in the production server can the updates be found?

A. Main Account
B. Tenants
C. Agent tools
D. Marketplace
Answer: A

February 10, 2024

Match the operations with the appropriate context

DRAG DROP
Match the operations with the appropriate context.
Answer:

February 10, 2024

How can the engineer populate the HTML field in the indicator layout?

A playbook task generates a report as HTML in the context data. An engineer creates a custom indicator field of type "HTML" and adds the field to a section in a custom indicator layout. How can the engineer populate the HTML field in the indicator layout?
A. Populate the custom...

February 9, 2024

Which two capabilities do Automation script settings include? (Choose two.)

A. Define ‘parameters’
B. Correlate to incident types
C. Define ‘outputs’
D. Set password protection
Answer: C,D

February 8, 2024