Palo Alto Networks PCSAE Exam Practice Test Instant Access

Question 1

Which two incident search queries are valid? (Choose two.)

Acreated:>=''7 days''

Bowner===admin

Crole is Analyst

Dstatus:closed --category:job

Answer : A, D

Question 2

What is the most effective way to correlate multiple raw events coming from a SIEM and link them together?

AProcess all alerts by running the respective playbook and link related incidents during post-processing

BIngest all raw events, run a custom script to find the relationship between them and proceed to link them together

CConfigure a pre-process rule to link related events as they are ingested

DManually go through the incidents created by the raw events and link related incidents

Answer : C

Question 3

How is data transferred between playbook tasks?

ARead/Write from context data

BOver war room results

CInput from the indicator page

DDirectly from a previous task

Answer : A

Question 4

What does Script helper contain?

AAvailable commands

BPermission settings

CAutomation version history

DAutomation timeout configuration

Answer : A

Question 5

Which two advanced attributes can be applied to incident fields when editing? (Choose two.)

ASet a field trigger script

BAssociate to an incident type

CChange field type

DChange field name

Answer : A, B

Question 6

Which configuration is a valid distributed database (DB) implementation?

A2 main DBs, 1 application server, 2 node servers

B1 main DB, 1 application server, 3 node servers

C2 application servers, 1 main DB, 1 node server

D1 application server, 2 main DBs, 1 node server

Answer : B

Question 7

An engineer notices that playbooks only start once the user clicks the 'investigate' button and he/she would like the playbook to start automatically.

How can this be implemented?

AAdd the playbook to the integration's settings

BSelect 'Run playbook automatically' from the incident type settings

CAdd the !startinvestigation automation to the beginning of the playbook

DSelect 'Run playbook automatically' from the integration settings

Answer : B

Palo Alto Networks Certified Security Automation Engineer PCSAE Exam Practice Test