Exam PCSAE
Question 41

Incidents need to be filtered by all of the following criteria:

1. Status - Pending

2. Exclude Category - Job

3. Severity - High

4. Owner - None (No owner assigned)

5. Type - Phishing

6. Email Subject - "You have won a million dollars"

What is the correct query syntax for the above incident search filter?

    Correct Answer: A

    To correctly filter incidents based on the specified criteria, the query syntax should use equality and inequality operators in a structured way. The correct syntax should be 'status=="Pending" && category!="job" && severity=="High" && owner=="None" && type=="Phishing" && emailsubject=="You have won a million dollars"'. This format correctly handles all specified filters including the exclusion of a category and the exact match for the email subject.

Discussion
franko_72

I think it should look something like this: status:Pending -category:job and severity:High owner: type:Phishing emailsubject:"You have won a million dollars"