Where can engineers add the post-processing scripts to incidents?

A. The post-processing tag must be added to the automation

B. Post-processing scripts must be added at the end of playbooks

C. Post-processing scripts must be added from the Incident Type editor

D. Post-processing scripts must be added from the Post-Process Rules editor

Multiple company assets were reported by vulnerability scanners as being vulnerable to CVE-2017-11882. This vulnerability affects applications installed on workstations. The SOC team needs to take action and apply the new vulnerability patch that was just released. The team must first create a cause for each of the identified assets in ServiceNow IT Service Management (ITSM), in order to notify the IT department. Next, the team creates a task in the main playbook, which extracts the list of assets from the scanner report.

After the list of assets are created, what are the two solutions that the SOC team could take so that a case could be created and a patch installed? (Choose two.)

A. Create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Condition: AreValuesEqual – Exit on yes – left:1, right 1) and perform the following tasks:

-Active Directory User Enrichment based on the computerName

-Create the ServiceNow Record by adding the enrichment information

-Mark the ticket severity as Urgent

B. Create a sub-playbook with a single input containing the computer names that will loop `For Each Input' and perform the following tasks:

-Active Directory User Enrichment based on the computerName

-Create the ServiceNow Record by adding the enrichment information

-Mark the ticket severity as Urgent

C. Set a key for storing the iteration number and create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Exit condition: iterator contains the count of the number of items in the list) and perform the following tasks:

-Active Directory User Enrichment based on the computerName

-Create the ServiceNow Record by adding the enrichment information

-Mark the ticket severity as Urgent

D. Set a key for storing the iteration number and create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Exit condition: iterator equal to count of the number of item in the list) and perform the following tasks:

-Increase the iterator value by one each time

-Active Directory User Enrichment based on the computerName

-Create the ServiceNow Record by adding the enrichment information

-Mark the ticket severity as Urgent

How is data transferred between playbook tasks?

A. Read/Write from context data

B. Over war room results

C. Input from the indicator page

D. Directly from a previous task

What are three different loop types in a playbook? (Choose three.)

A. Automation

B. Built-in

C. Data collection

D. Conditional

E. For-each

An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users.

Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)

A. Open a ticket with the XSOAR support team

B. Create a pull request directly on Github

C. Contribute through the XSOAR UI

D. Send an email to [email protected]