PCSAE Online Practice Questions and Answers

What is the most effective way to correlate multiple raw events coming from a SIEM and link them together?

A. Process all alerts by running the respective playbook and link related incidents during post-processing

B. Ingest all raw events, run a custom script to find the relationship between them and proceed to link them together

C. Configure a pre-process rule to link related events as they are ingested

D. Manually go through the incidents created by the raw events and link related incidents

Whar are possible war room result (entry) types?

A. Context, file, error, image

B. Note, indicator, error, image

C. Video, file, error, image

D. Note, file, error, image

Which of these would be the most operationally efficient repository for moving XSOAR custom content from a development server to a production environment?

A. A content repository specified in the Marketplace

B. Remote git repository specified in the dev-prod configuration parameters

C. The development server's default repository

D. Cortex XSOAR public content repository

At what stage during the incident lifecycle is an incident type assigned?

A. Pre-processing

B. Incident creation

C. Classification

D. Playbook execution

When creating an automation in XSOAR, what is the best way to create a log message?

A. Using a debug statement

B. Using the demisto.debug() function

C. Using a print statement

D. Using the demisto.results() function

Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)

A. Python

B. Perl

C. Go

D. JavaScript

E. Powershell

What assigns newly ingested event attributes to incident fields?

A. Playbooks

B. Classification

C. Mapping

D. Layouts

Which two input requirements are needed to train a machine learning model? (Choose two.)

A. 3000 Incidents

B. Incident Field

C. Verdict Label

D. Incident Type

Which three statements are true about the Marketplace? (Choose three.)

A. Allows reverting back to a previous version of a content pack

B. Enables users to participate in the community by sharing content

C. Publishes content without additional review from the Cortex XSOAR team

D. Allows uploading of content in additional languages

E. Offers granularity in installation through content packs

DRAG DROP

Match the operations with the appropriate context.

Select and Place: