New Year Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

The XSOAR administrator is writing an automation and would like to return an error entry back into XSOAR if a particular command errors out. How can this be achieved?

A.

Using the demisto_error() function

B.

Using a print statement

C.

Using the demisto.debug() function

D.

Using the return_error() function

Where can engineers add the post-processing scripts to incidents?

A.

The post-processing tag must be added to the automation

B.

Post-processing scripts must be added at the end of playbooks

C.

Post-processing scripts must be added from the Incident Type editor

D.

Post-processing scripts must be added from the Post-Process Rules editor

When is the post-processing script executed in XSOAR?

A.

Just after the incident is created

B.

Just after the pre-processing is executed

C.

Just after the playbook is executed

D.

Just after the Close Incident button is clicked

What is the function of timer SLA fields in Cortex XSOAR?

A.

To track SLA breaches per playbook

B.

To run a script that executes on SLA assignment

C.

To automatically alert the analyst on SLA breach

D.

To count the time between one or more tasks

In which two locations can filters and transformers be used in XSOAR? (Choose two.)

A.

Classification and Mapping

B.

Playbook Tasks

C.

Evidence Fields

D.

Incident Fields

What are two main uses of context data? (Choose two.)

A.

Store incident information in JSON format

B.

Store incident information in XML format

C.

Pass data between playbook tasks

D.

Pass data between to-do tasks

An automation returned an output called: csvReport.

What filter would be used to check if the automation returned results?

A.

Contains/Includes

B.

Equals/Matches

C.

In/In list

D.

Is defined/Exist

Inside the Incidents table view, which actions can be performed on the selected incidents? (Choose two.)

A.

Run Command, Export, and Close and Delete for all selected incidents regardless of their status

B.

Assign, Edit, and Mark as Duplicate for all selected incidents regardless of their status

C.

Run Command for all selected incidents having Active status

D.

Export incidents as JSON and change incident status

Where would you look to find a personalized view of your own incidents and tasks?

A.

Incident Summary View

B.

My Incidents

C.

My Threat Landscape

D.

My Dashboard

What is a primary use case of data collection tasks?

A.

To allow multi-QUESTION NO: surveys without authentication restrictions

B.

To automate tasks such as parsing a file or enriching indicators

C.

To generate new widgets for a dashboard

D.

To determine different paths in a playbook