U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks PSE-Cortex Exam - Topic 1 Question 38 Discussion

An administrator of a Cortex XDR protected production environment would like to test its ability to protect users from a known flash player exploit.What is the safest way to do it?
C) The administrator should create a non-production Cortex XDR test environment that accurately represents the production environment, introduce the weaponized flash file, and monitor the Events tab on the Cortex XDR console.
A) The administrator should attach a copy of the weapomzed flash file to an email, send the email to a selected group of employees, and monitor the Events tab on the Cortex XDR console
B) The administrator should use the Cortex XDR tray icon to confirm his corporate laptop is fully protected then open the weaponized flash file on his machine, and monitor the Events tab on the Cortex XDR console.
D) The administrator should place a copy of the weaponized flash file on several USB drives, scatter them around the office and monitor the Events tab on the Cortex XDR console

Palo Alto Networks PSE-Cortex Exam - Topic 1 Question 38 Discussion

Actual exam question for Palo Alto Networks's PSE-Cortex exam
Question #: 38
Topic #: 1
[All PSE-Cortex Questions]

An administrator of a Cortex XDR protected production environment would like to test its ability to protect users from a known flash player exploit.

What is the safest way to do it?

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

0/2000 characters
Nada
7 months ago
I thought Flash was dead? Why are we even testing this?
upvoted 0 times
...
Rebbecca
7 months ago
Scattering USB drives? That sounds risky and kinda silly.
upvoted 0 times
...
Fausto
8 months ago
Wait, why would anyone use option A? That's just asking for trouble.
upvoted 0 times
...
Kirby
8 months ago
Totally agree, testing in a non-production environment is key!
upvoted 0 times
...
Curt
8 months ago
Option C seems like the safest bet.
upvoted 0 times
...
Eura
8 months ago
I have a vague recollection that testing directly on production systems is risky, so I wouldn't choose A or B.
upvoted 0 times
...
Alica
8 months ago
I feel like we practiced a similar question where using a test environment was emphasized. Option C sounds familiar.
upvoted 0 times
...
Laurel
8 months ago
I'm not entirely sure, but I think sending an email with the exploit could lead to unintended consequences.
upvoted 0 times
...
Elfrieda
9 months ago
I remember discussing the importance of testing in a safe environment, so option C seems like the best choice.
upvoted 0 times
...
Lisandra
9 months ago
I'm a bit confused on this one. Is the ICM script also required, or is that just for the overall call flow? I'll have to double-check my understanding.
upvoted 0 times
...
Curt
9 months ago
The Interoperability Matrix Tool and Active IQ Config Advisor seem like the way to go here. I'm confident those will help me verify the compatibility I need.
upvoted 0 times
...
Jacqueline
9 months ago
I'm a bit confused by the wording of these options. Are they trying to trick us or is this a straightforward question? I'll have to re-read it a few times to make sure I'm not missing something.
upvoted 0 times
...
Lyda
9 months ago
Okay, let me see. I know other comprehensive income is for items that aren't included in net profit or loss, so it's probably not B, C, or D since those seem more like income statement items. I'm leaning towards A, but I'll double-check my notes just to be sure.
upvoted 0 times
...

Save Cancel