Which type of deployment involves the use of one or more Cortex XSOAR engines? - Answers Hybrid
Cloud
True or false? You can run a Python script directly from the CLI of the web console. - Answers True
With an automated backup, which function is excluded from the backup:
- Incidents
- Playbooks
- Scripts
- User-defined configurations
- Artifacts & attachments - Answers Artifacts & attachments are excluded from backup
What data is stored within /var/lib/demisto/ - Answers Contains system files that are variable (subject to
change). This is the root directory for artifacts, attachments, backups, and incidents
What data is stored within /usr/local/demisto/ - Answers Contains the application-server binary file, the
private & public keys for the web interface, the license file, baseline platform content, and other
distributed support files for running the web interface
Which phase of the content lifecycle drives the momentum of the cycle?
- Develop/Improve
- Assess
- Manage & distribute
- Use in production - Answers Develop/Improve
Which Cortex XSOAR infrastructure component do you deploy in a protected network to extend the
capabilities of the core server? - Answers XSOAR Engine
Which type of disk drives are required for XSOAR? - Answers SSD drives with a minimum of 3k dedicated
IOPS
How do you manually back up artifacts and attachments? - Answers Using the TAR command
In a dev-prod configuration, from where does the prod server get updates authored by Palo Alto
Networks? - Answers The remote repository specified in the dev-prod configuration parameters
What is required to install Docker images manually? - Answers Use of the Docker load command
Which role is responsible for the creation of custom layouts, incident types, and automations? - Answers
XSOAR Engineer
If you grant a privilege for a function but restrict access to the page on which the function appears, what
will be the effect? - Answers The user will not be able to use the privilege
A single multi-tenant system can be configured to support about how many total tenants? - Answers 100
With regard to Multi-Tenant Architecture, what is the Master instance? - Answers A central UI that acts as
a proxy to the entire deployment. Content configured in the master instance is shared across all tenants.
With regard to Multi-Tenant Architecture, what are Hosts? - Answers Hosts are physical XSOAR instances
and can be positioned at different locations, and they can be used for scaling across those locations.
Hosts act as proxies to serve the tenant data to the master instance
How does the Master instance communicate with Hosts in a Multi-tenant architecture? - Answers The
master instance and hosts communicate over a secure SSL channel
What is an Engine with regard to multi-tenancy architecture? - Answers Engines are small instances
running in environments where tenants cannot access integrations. Engines can help with scaling
because you can load-balance integrations across engines to free up tenants from handling them
What is the IT Administrator responsible for? - Answers Provisions host platforms, installs server
applications, and monitors, maintains, and troubleshoots the system
What is the Security Analyst responsible for? - Answers Uses the War Room to perform investigations,
and accepts, assigns, and manages cases
What is the SOAR Engineer responsible for? - Answers Enables and configures integrations, creates
custom incident types and layouts, and creates, debugs, and deploys automations and playbooks
One-to-One Deployment Model? - Answers In the one-to-one model, one SOC is dedicated to one
customer, and the entire environment is focused on delivering services to this one customer. The
environment is either hosted on a customer's premises or at an MSSP location.
One-to-Many Deployment Model? - Answers In the one-to-many model, one SOC is set up to serve
multiple customers. This shared environment is always hosted in an MSSP environment.
Co-Managed Tenant - Answers In this service model, the customer has access to the infrastructure and
their specific content. Both the MSSP and the customer manage and maintain the service.
Fully-Managed Tenant - Answers In this model, only MSSP analysts have access to the instance. The
MSSP deploys, maintains, and manages the service. The customer has no access but is sent regular
reports on the status of the service and on their security posture.
How do you display the help output for the XSOAR install script? - Answers --help