Which two features does XSOAR offer to help recover from a server failure? (Choose two.)
A. Live backup (disaster recovery)
B. Distributed database
C. Backup data to XSOAR engines
D. Local backup
When uploading content, which two options could the upload include? (Choose two.)
A. Indicators
B. Incidents
C. Reports
D. Fields
When creating an incident layout section, it is best to place long field values within which of the following?
A. Section headers
B. Rows
C. Canvas
D. Cards
Which two methods are used to add new content to the XSOAR Content Repository? (Choose two.)
A. Create content and add it to the standard content by contributing through the Marketplace
B. Use the XSOAR GitHub Contribution Guide to add the contribution to the standard content
C. Create a support ticket with the custom content for review by the support team
D. Any custom content will be automatically uploaded to the content repository
Which of the following is a basic setting that can be configured in an automation?
A. Summary
B. Compiler
C. Schedule
D. Run On
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
A. Open a ticket with the XSOAR support team
B. Create a pull request directly on GitHub
C. Contribute through the XSOAR UI
D. Send an email to contributions@xsoar.com
Where do you navigate to monitor and improve the system performance and resilience for hosts in a multitenant environment?
A. Settings > About > Troubleshooting, in the main host account. Each host has a System Diagnostics page.
B. Settings > Advanced > System Diagnostics, in the main host account. Each host has a System Diagnostics page.
C. Settings > Account Management > Hosts, in the main host account. Each host has a System Diagnostics page.
D. Settings > About > System Diagnostics, in the main host account. Each host has a System Diagnostics page.
How would context data be filtered to receive only malicious indicator values with DBotScore?
A. Get DBotScore.value where DBotScore.Score (Larger or equals) 4
B. Get DBotScore.value where DBotScore.Score (equals (int)) 3
C. Get DBotScore where DBotScore.Score (Larger than) 1
D. Get DBotScore where DBotScore.Score (Larger or equals) 2
Which two options may be added when a content pack is being installed? (Choose two.)
A. Lists
B. Roles
C. Other content packs
D. Indicator layouts
Incidents need to be filtered by all of the following criteria:
1. Status – Pending
2. Exclude Category – Job
3. Severity – High
4. Owner – None (No owner assigned)
5. Type – Phishing
6. Email Subject – “You have won a million dollars”
What is the correct query syntax for the above incident search filter?
A. status=="Pending" && category!="job" && severity=="High" && owner=="None" && type=="Phishing" && emailsubject=="You have won a million dollars"
B. Status:Pending and -Category:job and Severity:High and Owner:"" and Type:Phishing and Email Subject:You have won a million dollars
C. status:Pending and -category:job and severity:High and owner:"" and type:Phishing and emailsubject:"You have won a million dollars"
D. status:Pending or -category:job or severity:High or owner:"" or type:Phishing or emailsubject:"You have won a million dollars"
What are possible war room result (entry) types?
A. Context, file, error, image
B. Note, indicator, error, image
C. Video, file, error, image
D. Note, file, error, image
Which option is available in XSOAR to create the body of a Threat Intel Report?
A. Markdown
B. Grid Fields
C. DOC format
D. JavaScript