SecOps-Pro問題集、Palo Alto Networks実際の試験問題

質問 1

A security operations center (SOC) engineer is designing a complex Cortex XSIAM playbook to automate a complete response workflow. The goal is to visually break down the extensive process into manageable, logical phases, aiding analyst navigation and troubleshooting.
Which type of playbook task is specifically designed for structuring the steps in this scenario?

A. Conditional

B. Standard

C. Data collection

D. Section header

正解: D

解説: (PassTest メンバーにのみ表示されます)

質問 2

Which two roles can access data model rules in Cortex XSIAM? (Choose two.)

A. Account admin

B. IT administrator

C. Instance administrator

D. Deployment admin

正解: A,C

解説: (PassTest メンバーにのみ表示されます)

質問 3

Which two statements apply to creating scripts in Cortex XSOAR? (Choose two.)

A. They can be scheduled to run at a later time and day.

B. They can be protected using a password.

C. They can be written using Java.

D. They can be executed with higher permissions.

正解: A,D

解説: (PassTest メンバーにのみ表示されます)

質問 4

How can an administrator run a Cortex XSOAR playbook regularly at a specific time and day of the week?

A. By creating a script that will run the playbook

B. By creating a scheduled report that will run the playbook

C. By configuring the playbook to run on a specific date and time

D. By creating a job that will run the playbook

正解: D

解説: (PassTest メンバーにのみ表示されます)

質問 5

A security analyst is tuning Cortex XDR after a custom application, which uses the mshta.exe utility with a legitimate internal script, triggers a behavioral threat alert. The administrator must ensure the legitimate script runs without detection. Which set of criteria must be included in the new exception rule to prevent future false positives while maintaining protection against similar malicious activity?

A. Alert exclusion that is based on the name of the threat

B. Exception based on the process path and script command-line arguments

C. File name hash (SHA256) of the mshta.exe file

D. Signature or signer of the mshta.exe binary

正解: B

解説: (PassTest メンバーにのみ表示されます)

質問 6

During a sophisticated cyber attack, a company experiences a stealthy, multivector intrusion that evades detection by traditional security tools.
The company requires a solution that will correlate and analyze the disparate attack indicators across its network, endpoints, and cloud environments to uncover the full scope of the breach and take immediate automated response actions.
Which solution should be recommended?

A. XDR

B. EDR

C. XSOAR

D. SIEM

正解: A

解説: (PassTest メンバーにのみ表示されます)

質問 7

Which Cortex XSOAR capability provides sourcing, download, and management of curated collections of security orchestration content?

A. Content contribution interface

B. Cortex Marketplace

C. Content version control

D. Deployment Wizard

正解: B

解説: (PassTest メンバーにのみ表示されます)

Palo Alto Networks Security Operations Professional - SecOps-Pro 模擬練習