3 Months Free Update
Which Linux OS command will manually load Docker images onto the Cortex XSOAR server in an air-gapped environment?
An EDR project was initiated by a CISO. Which resource will likely have the heaviest influence on the project?
Which statement best describes the benefits of the combination of Prisma Cloud, Cortex Xpanse, and partner services?
Which technology allows a customer to integrate Cortex Xpanse with third-party applications or services, assets, and IP ranges while leveraging investigation capabilities?
In addition to incident volume, which four critical factors must be evaluated to determine effectiveness and ROI on cybersecurity planning and technology?
A General Purpose Dynamic Section can be added to which two layouts for incident types? (Choose two)
A customer has purchased Cortex Data Lake storage with the following configuration, which requires 2 TB of Cortex Data Lake to order:
support for 300 total Cortex XDR clients all forwarding Cortex XDR data with 30-day retention
storage for higher fidelity logs to support Cortex XDR advanced analytics
The customer now needs 1000 total Cortex XDR clients, but continues with 300 clients forwarding Cortex XDR data with 30-day retention.
What is the new total storage requirement for Cortex Data Lake storage to order?
Why is it important to document notes from the Proof of Value (POV) for post-sales hand off?
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second image? (Choose two.)
SUCCESS
Rearrange the steps into the correct order for modifying an incident layout.
How does the integration between Cortex Xpanse and Cortex XSOAR benefit security teams?
Which action should be performed by every Cortex Xpanse proof of value (POV)?
A Cortex XSOAR customer wants to send a survey to users asking them to input their manager's email for a training use case so the manager can receive status reports on the employee's training. However, the customer is concerned users will provide incorrect information to avoid sending status updates to their manager.
How can Cortex XSOAR most efficiently sanitize user input prior to using the responses in the playbook?
What is a requirement when integrating Cortex XSIAM or Cortex XDR with other Palo Alto Networks products?
What should be configured for a Cortex XSIAM customer who wants to automate the response to certain alerts?
A customer has 2700 endpoints. There is currently concern about recent attacks in their industry and threat intelligence from a third-party subscription. In an attempt to be proactive, phishing simulations have been prioritized, but the customer wants to gain more visibility and remediation capabilities specific to their network traffic.
Which Cortex product provides these capabilities?
During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.
During the service instance provisioning which three DNS host names are created? (Choose three.)
If you have a playbook task that errors out, where could you see the output of the task?
A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?
When analyzing logs for indicators, which are used for only BIOC identification?
The Cortex XDR management service requires which other Palo Alto Networks product?
On a multi-tenanted v6.2 Cortex XSOAR server, which path leads to the server.log for "Tenant1"?
An administrator of a Cortex XDR protected production environment would like to test its ability to protect users from a known flash player exploit.
What is the safest way to do it?
What is the primary mechanism for the attribution of attack surface data in Cortex Xpanse?
The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?
An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.
Which Cortex XDR Analytics alert will this activity most likely trigger?
Which two areas of Cortex XDR are used for threat hunting activities? (Choose two.)
Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types? (Choose three.)
What is the requirement for enablement of endpoint and network analytics in Cortex XDR?
Which product enables the discovery, exchange, and contribution of security automation playbooks, built into Cortex XSOAR?
A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.
Where would the user configure the ratio of storage for each log type?
Which aspect of Cortex Xpanse allows for visibility over remote workforce risks?
Which Cortex XDR capability prevents running malicious files from USB-connected removable equipment?
What is the size of the free Cortex Data Lake instance provided to a customer who has activated a TMS tenant, but has not purchased a Cortex Data Lake instance?
"Bob" is a Demisto user. Which command is used to add "Bob" to an investigation from the War Room CLI?