PSE-Cortex 無料問題集「Palo Alto Networks System Engineer - Cortex Professional」

（A）External dynamic list

（B）XDR agent

（C）Broker VM

（D）Playbook

（A）Threat, Monitor. System, Analytic

（B）Threat, Config, Authentication, Analytic

（C）Threat, Config, System, Analytic

（D）Threat, Config, System, Data

（A）10 GB

（B）1 TB

（C）10 TB

（D）100 GB

（A）

（B）

（C）

（D）

（A）heuristic analysis

（B）dynamic analysis

（C）WildFire hash comparison

（D）signature comparison

（A）By responding to management with risk scores

（B）By purging unopened phishing email from user mailboxes

（C）By emailing staff to inform them of phishing attack in advance

（D）By developing an integration.

（A）SIEMs supports only agentless scanning, not agent-based workload protection across VMs, containers
/Kubernetes.

（B）UEBA establishes a secure connection in which endpoints can be routed, and it collects and forwards logs and files for analysis.

（C）SIEMs have difficulty detecting unknown or advanced security threats that do not involve malware, such as credential theft.

（D）UEBA can add trusted signers of Windows or Mac processes to a whitelist in the Endpoint Security Manager (ESM) Console.

（A）Install the Cortex XOR Agent on the local machine

（B）Use the Cortex XDR VDI tool to obtain verdicts for all PE files

（C）Run the Cortex VDI conversion tool

（D）Configure the Golden Image as a persistent VDI

（A）Hash comparisons come after local static analysis.

（B）Local static analysis happens before a WildFire verdict check.

（C）A trusted signed file is exempt from local static analysis.

（D）In the final step, the block list is verified.