Which three actions can an engineer take on the troubleshooting page? (Choose three.)
Answer : A, B, C
How is data transferred between playbook tasks?
Answer : A
Incidents need to be filtered by all of the following criteria:
1. Status -- Pending
2. Exclude Category -- Job
3. Severity -- High
4. Owner -- None (No owner assigned)
5. Type -- Phishing
6. Email Subject -- ''You have won a million dollars''
What is the correct query syntax for the above incident search filter?
Answer : C
What is the default configuration for indicator auto-extraction when incidents are created?
Answer : A
An engineer would like to add a custom field to the New Job form for a job triggered from a threat intel feed. How would the engineer implement this?
Answer : B
Which two methods will allow data to be saved in incident fields within a playbook? (Choose two.)
Answer : B, C
A SOC manager built a dashboard and would like to share the dashboard with other team members. How would the SOC manager create a dashboard that meets this requirement?
Answer : D