Palo Alto Networks PCSAE Exam Practice Test Instant Access

Question 1

A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?

A-status:closed -category:job type:Phishing created:>='30 days ago'

Bstatus:closed -category:job & type:Phishing created:>='30 days ago'

C-status:closed -category:job & type:Phishing created:<='30 days ago'

D-status:closed -category:job type:Phishing created:='30 days ago'

Answer : C

Question 2

When browsing the Marketplace for new content packs, which details about each pack are you able to view?

AThe integration's source code

BA summary of each version history

CA test instance for the content pack

DThe source code of each playbook

Answer : B

Question 3

To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?

A10,080 minutes (7 days)

B20,160 minutes (14 days)

C21,600 minutes (15 days)

D4,320 minutes (3 days)

Answer : D

Question 4

In Cortex XSOAR multi tenant setup, when content from a development server is pushed to the remote repository, where in the production server can the updates be found?

AMain Account

BTenants

CAgent tools

DMarketplace

Answer : B

Question 5

An administrator has noticed that an integration has failed to fetch incidents. Where would they go to download logs to troubleshoot the error?

AGo to the Marketplace > Download the Fix my XSOAR playbook pack > Run the playbook > Download logs from War Room

BSettings > About > Troubleshooting > Set Log Level to Debug > Download Logs

CDashboards & Reports > System Health

DSettings > About > System Diagnostics

Answer : B

Question 6

During the regular maintenance of XSOAR a customer noticed that there was an update available for the Active Directory content pack (current version 1.4.6) and updated the content pack to the latest version (version 1.4.11). However, after the update the customer noticed that the Active Directory Query integration is not working properly and asked you to resolve the issue.

Which of the following set of steps can help to resolve the issue?

ANavigate to Settings
View the configured integrations and select Active Directory Authentication
Delete all integration instances and add all integration instances again

BNavigate to Marketplace
View the installed content pack and select Active Directory content pack
Select version 1.4.6 and click on 'Revert to this version'

CNavigate to Settings
View the configured integrations and select Active Directory Query
Delete all integration instances and add all integration instances again

DNavigate to Marketplace
View the installed content pack and select Active Directory content pack
Click on uninstall content pack
Navigate to Marketplace browser and reinstall the Active Directory content pack

Answer : C

Question 7

What is an example of a generic reputation command?

A!ip

B!getReputation

C!reputation

D!enrichIndicator

Answer : C

Palo Alto Networks Certified Security Automation Engineer Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7