Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Palo Alto Networks
  3. XSOAR-Engineer

Palo Alto Networks XSOAR-Engineer Exam (page: 4)
Palo Alto Networks XSOAR Engineer
Updated on: 12-Feb-2026

Viewing Page 4 of 21
XSOAR-Engineer PDF 156 Questions

What are two main uses of context data? (Choose two.)

  1. Store incident information in JSON format
  2. Store incident information in XML format
  3. Pass data between playbook tasks
  4. Pass data between to-do tasks

Answer(s): A,C


Reference:

https://xsoar.pan.dev/docs/integrations/context-and- outputs#:~:text=The%20main%20use%20of% 20the,the%20Context%20and%20uses%20it.



Multiple company assets were reported by vulnerability scanners as being vulnerable to CVE-2017- 11882. This vulnerability affects applications installed on workstations. The SOC team needs to take action and apply the new vulnerability patch that was just released. The team must first create a cause for each of the identified assets in ServiceNow IT Service Management (ITSM), in order to notify the IT department. Next, the team creates a task in the main playbook, which extracts the list of assets from the scanner report.

After the list of assets are created, what are the two solutions that the SOC team could take so that a case could be created and a patch installed? (Choose two.)

  1. Create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Condition: AreValuesEqual ­ Exit on yes ­ left:1, right 1) and perform the following tasks:
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent
  2. Create a sub-playbook with a single input containing the computer names that will loop `For Each Input' and perform the following tasks:
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent
  3. Set a key for storing the iteration number and create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Exit condition: iterator contains the count of the number of items in the list) and perform the following tasks:
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent
  4. Set a key for storing the iteration number and create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Exit condition: iterator equal to count of the number of item in the list) and perform the following tasks:
    - Increase the iterator value by one each time
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent

Answer(s): B,D



When creating a new tab in the layout, which section cannot be added?

  1. Retrieve widget chart based on script
  2. Related incidents
  3. War room entries picked by entry query
  4. Incident team members

Answer(s): B

Explanation:

https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOAR-Administrator- Guide/Customize-Incident-Layouts



In which two ways can data be transferred between playbooks and sub-playbooks? (Choose two.)

  1. Inputs and outputs
  2. Through integration context
  3. Automatically extracted by sub-playbooks
  4. From context data, if context is shared globally

Answer(s): A,D



By default, which components does an XSOAR implementation include?

  1. XSOAR server, XSOAR engine
  2. Application server, distributed DB server
  3. Application server, distributed DB server, Backup server
  4. All in one server

Answer(s): B


Reference:

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar- admin/installation/install- demisto-on-a-physical-or-virtual-server.html



DRAG DROP (Drag and Drop is not supported)

Match the operations with the appropriate context.

  1. See Explanation for the Answer.

Answer(s): A

Explanation:



Which three statements are true about the Marketplace? (Choose three.)

  1. Allows reverting back to a previous version of a content pack
  2. Enables users to participate in the community by sharing content
  3. Publishes content without additional review from the Cortex XSOAR team
  4. Allows uploading of content in additional languages
  5. Offers granularity in installation through content packs

Answer(s): A,B,E



What can be added to offload integration instance processing from the main server?

  1. Database node
  2. Application server
  3. Engine
  4. Development server

Answer(s): A



Viewing Page 4 of 21



Share your comments for Palo Alto Networks XSOAR-Engineer exam with other users:

Sonia 7/23/2023 4:03:00 PM

very helpfull
UNITED STATES


binEY 10/6/2023 5:15:00 AM

good questions
Anonymous


Neha 9/28/2023 1:58:00 PM

its helpful
Anonymous


Desmond 1/5/2023 9:11:00 PM

i just took my oracle exam and let me tell you, this exam dumps was a lifesaver! without them, iam not sure i would have passed. the questions were tricky and the answers were obscure, but the exam dumps had everything i needed. i would recommend to anyone looking to pass their oracle exams with flying colors (and a little bit of cheating) lol.
SINGAPORE


Davidson OZ 9/9/2023 6:37:00 PM

22. if you need to make sure that one computer in your hot-spot network can access the internet without hot-spot authentication, which menu allows you to do this? answer is ip binding and not wall garden. wall garden allows specified websites to be accessed with users authentication to the hotspot
Anonymous


381 9/2/2023 4:31:00 PM

is question 1 correct?
Anonymous


Laurent 10/6/2023 5:09:00 PM

good content
Anonymous


Sniper69 5/9/2022 11:04:00 PM

manged to pass the exam with this exam dumps.
UNITED STATES


Deepak 12/27/2023 2:37:00 AM

good questions
SINGAPORE


dba 9/23/2023 3:10:00 AM

can we please have the latest exam questions?
Anonymous


Prasad 9/29/2023 7:27:00 AM

please help with jn0-649 latest dumps
HONG KONG


GTI9982 7/31/2023 10:15:00 PM

please i need this dump. thanks
CANADA


Elton Riva 12/12/2023 8:20:00 PM

i have to take the aws certified developer - associate dva-c02 in the next few weeks and i wanted to know if the questions on your website are the same as the official exam.
Anonymous


Berihun Desalegn Wonde 7/13/2023 11:00:00 AM

all questions are more important
Anonymous


gr 7/2/2023 7:03:00 AM

ques 4 answer should be c ie automatically recover from failure
Anonymous


RS 7/27/2023 7:17:00 AM

very very useful page
INDIA


Blessious Phiri 8/12/2023 11:47:00 AM

the exams are giving me an eye opener
Anonymous


AD 10/22/2023 9:08:00 AM

3rd so far, need to cover more
Anonymous


Matt 11/18/2023 2:32:00 AM

aligns with the pecd notes
Anonymous


Sri 10/15/2023 4:38:00 PM

question 4: b securityadmin is the correct answer. https://docs.snowflake.com/en/user-guide/security-access-control-overview#access-control-framework
GERMANY


H.T.M. D 6/25/2023 2:55:00 PM

kindly please share dumps
Anonymous


Satish 11/6/2023 4:27:00 AM

it is very useful, thank you
Anonymous


Chinna 7/30/2023 8:37:00 AM

need safe rte dumps
FRANCE


1234 6/30/2023 3:40:00 AM

can you upload the cis - cpg dumps
Anonymous


Did 1/12/2024 3:01:00 AM

q6 = 1. download odt application 2. create a configuration file (xml) 3. setup.exe /download to download the installation files 4. setup.exe /configure to deploy the application
FRANCE


John 10/12/2023 12:30:00 PM

great material
Anonymous


Dinesh 8/1/2023 2:26:00 PM

could you please upload sap c_arsor_2302 questions? it will be very much helpful.
Anonymous


LBert 6/19/2023 10:23:00 AM

vraag 20c: rsa veilig voor symmtrische cryptografie? antwoord c is toch fout. rsa is voor asymmetrische cryptogafie??
NETHERLANDS


g 12/22/2023 1:51:00 PM

so far good
UNITED STATES


Milos 8/4/2023 9:33:00 AM

question 31 has obviously wrong answers. tls and ssl are used to encrypt data at transit, not at rest.
Serbia And Montenegro


Diksha 9/25/2023 2:32:00 AM

pls provide dump for 1z0-1080-23 planning exams
Anonymous


H 7/17/2023 4:28:00 AM

could you please upload the exam?
Anonymous


Anonymous 9/14/2023 4:47:00 AM

please upload this
UNITED STATES


Naveena 1/13/2024 9:55:00 AM

good material
Anonymous