Which of the following is a step when configuring event forwarding from Splunk to Phantom?
Which of the following are the steps required to complete a full backup of a Splunk Phantom deployment' Assume the commands are executed from /opt/phantom/bin and that no other backups have been made.
Without customizing container status within SOAR, what are the three types of status for a container?
Phantom supports multiple user authentication methods such as LDAP and SAML2. What other user authentication method is supported?
The SOAR server has been configured to use an external Splunk search head for search and searching on SOAR works; however, the search results don't include content that was being returned by search before configuring external search. Which of the following could be the problem?
Configuring SOAR search to use an external Splunk server provides which of the following benefits?
Which of the following actions will store a compressed, secure version of an email attachment with suspected malware for future analysis?
When working with complex data paths, which operator is used to access a sub-element inside another element?
To limit the impact of custom code on the VPE, where should the custom code be placed?
Which of the following expressions will output debug information to the debug window in the Visual Playbook Editor?
An active playbook can be configured to operate on all containers that share which attribute?
Splunk user account(s) with which roles must be created to configure Phantom with an external Splunk Enterprise instance?
Which two playbook blocks can discern which path in the playbook to take next?
When writing a custom function that uses regex to extract the domain name from a URL, a user wants to create a new artifact for the extracted domain. Which of the following Python API calls will create a new artifact?