Examice

Exam PSE Strata All QuestionsBrowse all questions from this exam

Question 4

A customer is looking for an analytics tool that uses the logs on the firewall to detect actionable events on the network. They require something to automatically process a series of related threat events that, when combined, indicate a likely compromised host on their network or some other higher level conclusion. They need to pinpoint the area of risk, such as compromised hosts on the network, allows you to assess the risk and take action to prevent exploitation of network resources.

Which feature of PAN-OS can you talk about to address their requirement to optimize their business outcomes?

The Automated Correlation Engine

Cortex XDR and Cortex Data Lake

WildFire with API calls for automation

3rd Party SIEM which can ingest NGFW logs and perform event correlation

Correct Answer: A

The Automated Correlation Engine is designed to automatically analyze firewall logs to detect actionable events on the network. It processes a series of related threat events to reach a higher level conclusion, such as identifying a likely compromised host. This feature helps in pinpointing areas of risk and enables appropriate actions to prevent the exploitation of network resources, thus optimizing business outcomes.

Discussion

MajkielOption: B

why not cortex xdr? To address the customer's requirement for an analytics tool that uses firewall logs to detect actionable events on the network, automatically process a series of related threat events, and pinpoint areas of risk such as compromised hosts, you can talk about the Cortex XDR feature in PAN-OS.

wsdeffwdOption: A

https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/use-the-automated-correlation-engine

nobody165456131354Option: A

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/monitoring/use-the-automated-correlation-engine

freepotatoesOption: A

The Automated Correlation Engine