3 Months Free Update
3 Months Free Update
3 Months Free Update
The SOAR server has been configured to use an external Splunk search head for search and searching on SOAR works; however, the search results don't include content that was being returned by search before configuring external search. Which of the following could be the problem?
Without customizing container status within Phantom, what are the three types of status for a container?
Some of the playbooks on the Phantom server should only be executed by members of the admin role. How can this rule be applied?
Which of the following will show all artifacts that have the term results in a filePath CEF value?
Which of the following are the default ports that must be configured on Splunk to allow connections from Phantom?
Within the 12A2 design methodology, which of the following most accurately describes the last step?
Which app allows a user to send Splunk Enterprise Security notable events to Phantom?
When writing a custom function that uses regex to extract the domain name from a URL, a user wants to create a new artifact for the extracted domain. Which of the following Python API calls will create a new artifact?
Splunk user account(s) with which roles must be created to configure Phantom with an external Splunk Enterprise instance?
What is the primary objective of using the I2A2 playbook design methodology?
To limit the impact of custom code on the VPE, where should the custom code be placed?
Which of the following supported approaches enables Phantom to run on a Windows server?
When the Splunk App for SOAR Export executes a Splunk search, which activities are completed?
Which of the following accurately describes the Files tab on the Investigate page?
If no data matches any filter conditions, what is the next block run by the playbook?
Is it possible to import external Python libraries such as the time module?