Palo Alto Networks SecOps-Pro Exam Questions & Answers

Question 6 of 60

What is a difference between cold storage and hot storage in Cortex?

A.

Cold storage is required, while hot storage is optional.

B.

Cold storage and hot storage can be stored in different cloud locations.

C.

Logs in cold storage have more details than logs stored in hot storage.

D.

Querying logs in cold storage takes more time than querying logs in hot storage.

Question 7 of 60

Where in Cortex XSOAR are analystsle to collaborate and converse with others for joint real-time investigations?

A.

Investigations tab

B.

War Room

C.

Evidence Board

D.

Work plan

Question 8 of 60

Which Cortex XDR component raises an alert when suspicious activity composed of multiple events is detected and deviates from established baseline behavior?

A.

Analytics Engine

B.

Causality Analysis Engine

C.

XQL Query Engine

D.

Cloud Identity Engine

Question 9 of 60

Which two types of content can be installed or upgraded through a Cortex XSIAM content pack? (Choose two.)

A.

Analytics alerts

B.

Playbook triggers

C.

Data Model rules

D.

Behavioral Threat Protection (BTP)

Question 10 of 60

What is required to enable ingestion of on-premises firewall logs into Cortex XDR?

A.

Broker VM

B.

API

C.

PAN-OS content pack

D.

Cloud Identity Engine