最新的Palo Alto Networks Security Operations Professional - SecOps-Pro免費考試真題
Which activities are facilitated through the War Room in Cortex XSOAR?
正確答案: D
說明:(僅 Fast2test 成員可見)
With a Windows endpoint, what is required to remove the Cortex XDR agent when the endpoint is no longer online and cannot be managed directly from the management console?
正確答案: A
說明:(僅 Fast2test 成員可見)
A security auditor must ensure adherence to which two regulatory compliance frameworks when reviewing a financial institution's data protection policies? (Choose two.)
正確答案: A,D
說明:(僅 Fast2test 成員可見)
An administrator has configured Cortex XDR to ingest logs from third-party firewalls and is using Cortex XDR agents on endpoints. The goal is to see network connections from the firewalls correlated with the endpoint processes that initiated them. Which feature handles this correlation to form network stories?
正確答案: C
說明:(僅 Fast2test 成員可見)
The same IP address was fetched from two different threat intelligence feeds in Cortex XSOAR.
The first integration returns a verdict of Suspicious with an A (very reliable) confidence rating, while the second integration returns a verdict of Benign also with an A (very reliable) confidence rating. What is the final indicator verdict assigned to the IP address?
The first integration returns a verdict of Suspicious with an A (very reliable) confidence rating, while the second integration returns a verdict of Benign also with an A (very reliable) confidence rating. What is the final indicator verdict assigned to the IP address?
正確答案: D
說明:(僅 Fast2test 成員可見)
A Security Operations Center (SOC) using Cortex XDR observes a high-severity alert indicating a potential ransomware attack.
The alert details include a specific file hash (SHA256:
e3bOc44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855) associated with a suspicious process.
Which of the following Cortex XDR and Cortex XSOAR capabilities would be most effective in leveraging this file indicator for rapid investigation and containment?
The alert details include a specific file hash (SHA256:
e3bOc44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855) associated with a suspicious process.
Which of the following Cortex XDR and Cortex XSOAR capabilities would be most effective in leveraging this file indicator for rapid investigation and containment?
正確答案: D
說明:(僅 Fast2test 成員可見)
Why would a security engineer be unable to activate Cortex XDR analytics when configuring data sources and alert sensors during a Cortex XSIAM evaluation?
正確答案: A
說明:(僅 Fast2test 成員可見)
Where can the actions taken to stitch alerts together in Cortex XSIAM be viewed?
正確答案: D
說明:(僅 Fast2test 成員可見)