最新的Palo Alto Networks XSIAM Engineer - XSIAM-Engineer免費考試真題

問題1
What is the purpose of using rolling tokens to manage Cortex XDR agents?

正確答案: A
說明:(僅 VCESoft 成員可見)
問題2
In which two locations can correlation rules be monitored for errors? (Choose two.)

正確答案: B,D
說明:(僅 VCESoft 成員可見)
問題3
During the initial setup of a Cortex XSIAM tenant, a consultant is configuring the platform to notify the response team of critical system events and security alerts. The goal is to avoid using playbooks for basic messaging.
Which two alert notification options are available for this method of configuration? (Choose two.)

正確答案: B,C
說明:(僅 VCESoft 成員可見)
問題4
A vulnerability analyst asks a Cortex XSIAM engineer to identify assets vulnerable to newly reported zero-day CVE affecting the "ai_app" application and versions 12.1, 12.2, 12.4, and 12.5.
Which XQL query will provide the required result?

正確答案: B
說明:(僅 VCESoft 成員可見)
問題5
What is the function of the data source onboarding wizard in Cortex XSIAM?

正確答案: C
說明:(僅 VCESoft 成員可見)
問題6
A Cortex XSIAM engineer is implementing role-based access control (RBAC) and scope-based access control (SBAC) for users accessing the Cortex XSIAM tenant with the following requirements:
- Users managing machines in Europe should be able to manage and control all endpoints and installations, create profiles and policies, view alerts, and initiate Live Terminal, but only for endpoints in the Europe region.
- Users managing machines in Europe should not be able to create, modify, or delete new or existing user roles.
The Europe region endpoints are identified by both of the following:
- Endpoint Tag = "Europe-Servers" and Endpoint Group = "Europe" for servers in Europe
- Endpoint Group = "Europe" and Endpoint Tag = "Europe-Workstation" for workstations in Europe Which two sets of implementation actions should the engineer take? (Choose two.)

正確答案: A,D
說明:(僅 VCESoft 成員可見)
問題7
Which XQL command specifies the columns displayed in the query results?

正確答案: C
說明:(僅 VCESoft 成員可見)