Splunk SPLK-2003 - Splunk SOAR Certified Automation Developer Exam

Question #1 (Topic: Exam A)
Which of the following can the format block be used for?
A. To generate string parameters for automated action blocks. B. To create text strings that merge static text with dynamic values for input or output. C. To generate arrays for input into other functions. D. To generate HTML or CSS content for output in email messages, user prompts, or comments.
Answer: B
Question #2 (Topic: Exam A)
During a second test of a playbook, a user receives an error that states: "an empty parameters list was passed to phantom.act()." What does this indicate?
A. The container has artifacts not parameters. B. The playbook is using an incorrect container. C. The playbook debugger's scope is set to all. D. The playbook debugger's scope is set to new.
Answer: A
Question #3 (Topic: Exam A)
Which of the following can be edited or deleted in the Investigation page?
A. Action results B. Comments C. Artifact values D. Approval records
Answer: B
Question #4 (Topic: Exam A)
What is the main purpose of using a customized workbook?
A. Workbooks automatically implement a customized processing of events using Python code. B. Workbooks apply service level agreements (SLAs) to containers and monitor completion status on the ROI dashboard. C. Workbooks guide user activity and coordination during event analysis and case operations. D. Workbooks may not be customized; only default workbooks are permitted within SOAR.
Answer: C
Question #5 (Topic: Exam A)
Which of the following are the default ports that must be configured on Splunk to allow connections from SOAR?
A. SplunkWeb (8088), SplunkD (8089), HTTP Collector (8000) B. SplunkWeb (8472), SplunkD (8589), HTTP Collector (8962) C. SplunkWeb (8000), SplunkD (8089), HTTP Collector (8088) D. SplunkWeb (8089), SplunkD (8088), HTTP Collector (8000)
Answer: C
Download Exam
Page: 1 / 16
Total 78 questions