Palo Alto Networks SecOps-Pro - Palo Alto Networks Security Operations Professional Exam
Total 60 questions
Question #6 (Topic: Exam A)
What is a difference between cold storage and hot storage in Cortex?
A. Cold storage is required, while hot storage is optional.
B. Cold storage and hot storage can be stored in different cloud locations.
C. Logs in cold storage have more details than logs stored in hot storage.
D. Querying logs in cold storage takes more time than querying logs in hot storage.
Answer: D
Question #7 (Topic: Exam A)
Where in Cortex XSOAR are analysts able to collaborate and converse with others for joint real-time investigations?
A. Investigations tab
B. War Room
C. Evidence Board
D. Work plan
Answer: B
Question #8 (Topic: Exam A)
Which Cortex XDR component raises an alert when suspicious activity composed of multiple events is detected and deviates from established baseline behavior?
A. Analytics Engine
B. Causality Analysis Engine
C. XQL Query Engine
D. Cloud Identity Engine
Answer: A
Question #9 (Topic: Exam A)
Which two types of content can be installed or upgraded through a Cortex XSIAM content pack? (Choose two.)
A. Analytics alerts
B. Playbook triggers
C. Data Model rules
D. Behavioral Threat Protection (BTP)
Answer: AC
Question #10 (Topic: Exam A)
What is required to enable ingestion of on-premises firewall logs into Cortex XDR?
A. Broker VM
B. API
C. PAN-OS content pack
D. Cloud Identity Engine
Answer: A