What is used to display only file entries in a War Room?
A. /files from War Room CLI
B. files from War Room CLI WW
C. incident files section in layout builder
D. files and attachments filters
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?
A. Tell them we can build it with Professional Services.
B. Tell them custom integrations are not created as part of the POC
C. Extend the POC window to allow the solution architects to build it
D. Agree to build the integration as part of the POC
正解:D
質問 3:
Which consideration should be taken into account before deploying Cortex XSOAR?
A. Which cybersecurity framework to implement for Secure Operations Center (SOC) operations
B. Whether communication with internal or external applications is required
C. Which endpoint protection software to integrate with Cortex XSOAR
D. How to configure network firewalls for optimal performance
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
Which two entities can be created as a BIOC? (Choose two.)
A. alert log
B. file
C. event log
D. registry
正解:B,D
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types?
(Choose three.)
A. Set reminders for an incident SLA
B. Drop new incidents of the same type that contain similar information
C. Define whether a playbook runs automatically when an incident type is encountered
D. Add new fields to an incident type
E. Define the way that incidents of a specific type are displayed in the system
正解:A,C,E
質問 6:
What is the result of creating an exception from an exploit security event?
A. Triggered exploit protection module (EPM) for the host and process involved is disabled.
B. Administrators are exempt from generating alerts for 24 hours.
C. User is exempt from generating events for 24 hours.
D. Process from WildFire analysis is whitelisted.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
What are two ways Cortex XSIAM monitors for issues with data ingestion? (Choose two.)
A. The Data Ingestion Health page identifies deviations from normal patterns of log collection
B. The tenant's compute units consumption will change dramatically, indicating a collection issue.
C. It automatically runs a copilot playbook to troubleshoot and resolve ingestion issues.
D. The Cortex XSIAM Command Center dashboard will display a red icon if a data source is having issues.
正解:A,D
解説: (Pass4Test メンバーにのみ表示されます)
質問 8:
The Cortex XDR management service requires which other Palo Alto Networks product?
A. Panorama
B. Cortex Data Lake
C. Cortex XSOAR
D. Directory Sync
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 9:
A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.
Where would the user configure the ratio of storage for each log type?
A. Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota
B. Within the TMS, create an agent settings profile and modify the Disk Quota value
C. Write a GPO for each endpoint agent to check in less often
D. It is not possible to configure Cortex Data Lake quota for specific log types.
正解:A
905 お客様のコメント





Hirata -
早速読みましたが、PSE-Cortex-Pro-24専門用語にパニックになりかけた頭に優しい丁寧な解説なのでするすると覚えられます。