What does the Cortex XSOAR "Saved by Dbot" widget calculate?
Aamount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents
Bamount saved in Dollars by using Cortex XSOAR instead of other products
Camount of time saved by each playbook task within an incident
Damount of time saved by Dbot's machine learning (ML) capabilities
A Cortex XSOAR customer has a phishing use case in which a playbook has been implemented with one of the steps blocking a malicious URL found in an email reported by one of the users.
What would be the appropriate next step in the playbook?
AEmail the CISO to advise that malicious email was found.
BDisable the user's email account.
CEmail the user to confirm the reported email was phishing.
DChange the user's password.
What are two ways a customer can configure user authentication access Cortex Xpanse? (Choose two.)
ASecure Shell (SSH)
BSAML
CRADIUS
DCustomer Support Portal (CSP)
When preparing for a Cortex XSOAR proof of value (POV), which task should be performed before the evaluation is requested?
AEnsuring that the customer has single sign-on (SSO) configured in their environment
BBuilding out an executive-level proposal detailing the product capabilities
CPlanning for every different use case the customer has for the solution
DGathering a list of the different integrations that will need to be configured
A customer has purchased Cortex XDR and requires phone support for the product.
Which Palo Alto Networks offering would fulfill this need?
APlatinum Success
BPremium Success
CDiamond Success
DStandard Success
What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?
AIt provides a statistical model for combining scores from multiple vendors.
BIt resolves conflicting scores from different vendors with the same indicator.
CIt allows for comparison between open-source intelligence and paid services.
DIt helps identify threat feed vendors with invalid content.
What allows the use of predetermined Palo Alto Networks roles to assign access rights to Cortex XDR users?
Arole-based access control (RBAC)
Bcloud identity engine (CIE)
Cendpoint groups
Drestrictions security profile
A prospective customer is interested in Cortex XDR but is enable to run a product evaluation.
Which tool can be used instead to showcase Cortex XDR?
ATest Flight
BWar Game
CTech Rehearsal
DCapture the Flag
In addition to migration and go-live, what are two best-practice steps for migrating from SIEM to Cortex XSIAM? (Choose two.)
AExecution
BCertification
CConclusion
DTesting
Which two actions are required to add indicators to the whitelist? (Choose two.)
AClick "New Whitelisted Indicator" in the Whitelist page.
BUpload an external file named "whitelist" to the Whitelist page.
CUpload an external file named "whitelist" to the Indicators page.
DSelect the indicators and click "Delete and Whitelist" in the Indicators page.
Which Cortex XSIAM license is required if an organization needs to protect a cloud Kubernetes host?
AAttack Surface Management
BCortex XSIAM Enterprise
CIdentity Threat Detection and Response
DCortex XSIAM Enterprise Plus
Which statement applies to the malware protection flow of the endpoint agent in Cortex XSIAM?
AA file from an allowed signer is exempt from local analysis.
BLocal analysis always happens before a WildFire verdict check.
CHash comparisons come after local static analysis.
DThe block list is verified in the final step.
Which playbook feature allows concurrent execution of tasks?
Aparallel tasks
Bautomation tasks
Cmanual tasks
Dconditional tasks
Which two Cortex XSOAR incident type features can be customized under Settings > Advanced > Incident Types? (Choose two.)
Aadding new fields to an incident type
Bsetting reminders for an incident service level agreement (SLA)
Cdefining whether a playbook runs automatically when an incident type is encountered
Ddropping new incidents of the same type that contain similar information