Palo Alto Networks XSIAM-Engineer - Palo Alto Networks XSIAM Engineer Exam

Question #1 (Topic: Exam A)
How will Cortex XSIAM help with raw log ingestion from third-party sources in an existing infrastructure?
A. Any structured logs coming into it are left completely unchanged, and only metadata is added to the raw data.
B. For structured logs, like CEF, LEEF, and JSON, it decouples the key-value pairs and saves them in table format.
C. Any unstructured logs coming into it are left completely unchanged, and metadata is not added to the raw data.
D. For unstructured logs, it decouples the key-value pairs and saves them in a table format.
Answer: B
Question #2 (Topic: Exam A)
In which two locations can correlation rules be monitored for errors? (Choose two.)
A. XDR Collector audit logs (type = Rules, subtype = Error)
B. correlations_auditing dataset through XQL
C. Management audit logs (type = Rules, subtype = Error)
D. Alerts table as a health alert
Answer: AB
Question #3 (Topic: Exam A)
Which option should be used when customizing a dashboard in Cortex XSIAM to include a widget that will display data filtered by more than one dynamic value?
A. Free text/number
B. Multi-select
C. Fixed filter
D. Single-select
Answer: B
Question #4 (Topic: Exam A)
How must Cloud Identity Engine be deployed and activated on Cortex XSIAM?
A. In a different region than Cortex XSIAM; logs can be verified using pan_dss_raw dataset
B. In a different region than Cortex XSIAM; logs can be verified using endpoints dataset
C. In the same region as Cortex XSIAM; logs can be verified using pan_dss_raw dataset
D. In the same region as Cortex XSIAM; logs can be verified using endpoints dataset
Answer: C
Question #5 (Topic: Exam A)
Which common issue can result in sudden data ingestion loss for a data source that was previously successful?
A. Data source is using an unsupported data format.
B. Data source has reached its maximum storage capacity.
C. Data source has reached its end of life for support.
D. API key used for the integration has expired.
Answer: D
Total 59 questions