Table of Contents
Question
An administrator wants to run an automation in the War Room to set the incident field “Description” to “Confirmed Phishing”. Which command should they enter in the War Room CLI?
A. !incidentSet description=”Confirmed Phishing”
B. /incidentSet description=Confirmed Phishing
C. !setIncident description=”Confirmed Phishing”
D. /setIncident description=Confirmed Phishing
Answer
A. !incidentSet description=”Confirmed Phishing”
Explanation
The correct answer is A. !incidentSet description=”Confirmed Phishing”.
The War Room CLI is a command-line interface that allows administrators to interact with the War Room. The `!incidentSet` command is used to set the value of an incident field. The `description` parameter is the name of the field to set, and the `Confirmed Phishing` value is the value to set the field to.
The `/incidentSet` command is also used to set the value of an incident field. However, the `/` character is used to indicate that the command is being run as an administrator. This means that the command will have access to all of the incident fields, even those that are not visible to regular users.
The `!setIncident` and `/setIncident` commands are not used to set the value of an incident field. The `!setIncident` command is used to create a new incident, and the `/setIncident` command is used to update an existing incident.
Therefore, the correct command to run in the War Room CLI to set the incident field “Description” to “Confirmed Phishing” is `!incidentSet description=”Confirmed Phishing”`.
Reference
- CAP Exam Review Course (EC00M) – ISA
- Reference Docs | Cortex XSOAR (pan.dev)
- War Room Overview • Cortex XSOAR Administrator Guide • Reader • Palo Alto Networks documentation portal
- Cortex XSOAR Concepts | Cortex XSOAR (pan.dev)
Palo Alto Networks Certified Security Automation Engineer (PCSAE) certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Palo Alto Networks Certified Security Automation Engineer (PCSAE) exam and earn Palo Alto Networks Certified Security Automation Engineer (PCSAE) certification.