Palo Alto Networks Exam PSE-Cortex Topic 1 Question 50 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks System Engineer - Cortex Professional exam

Question #: 50
Topic #: 1

[All Palo Alto Networks System Engineer - Cortex Professional Questions]

The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

Aadd paloaltonetworks com to the SSL Decryption Exclusion list

Benable SSL decryption

Cdisable SSL decryption

Dreinstall the root CA certificate

Show Suggested Answer

Suggested Answer: D

by Eun at Mar 10, 2024, 04:54 PM

Limited Time Offer

25%

Off

Get Premium PSE-Cortex Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ty

11 days ago

Hmm, that's a good point. I wonder if that would be the most elegant solution though. Reinstalling the root CA just feels like it would be the most straightforward way to address the issue.

upvoted 0 times

...

Jovita

12 days ago

Yeah, but adding paloaltonetworks.com to the SSL Decryption Exclusion list could also work, right? That way, the traffic between the agents and the console wouldn't be decrypted, preserving the trust.

upvoted 0 times

...

Apolonia

13 days ago

I agree. If the issue is that the agents aren't communicating with the console, then reinstalling the root CA certificate seems like the logical step to take. That should ensure the trust is properly established again.

upvoted 0 times

...

Carlee

14 days ago

Hmm, this question seems a bit tricky. If the certificate was installed as a trusted root CA, then I don't think disabling SSL decryption would be the right answer. That would just break the communication altogether.

upvoted 0 times

...