New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PSE-Cortex Exam - Topic 6 Question 86 Discussion

Actual exam question for Palo Alto Networks's PSE-Cortex exam
Question #: 86
Topic #: 6
[All PSE-Cortex Questions]

Cortex XSOAR has extracted a malicious IP address involved in command-and-control traffic.

What is the best method to automatically block this IP from communicating with endpoints without requiring a configuration change on the firewall?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Carin at Nov 21, 2025, 09:02 AM

Limited Time Offer

25%

Off

Get Premium PSE-Cortex Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leonardo
1 day ago
Wait, can we really block it without a firewall change? Sounds risky.
upvoted 0 times
...
Buck
6 days ago
I disagree, A just delays the process.
upvoted 0 times
...
Laurene
12 days ago
A) Raising a NetOps ticket is the most bureaucratic approach.
upvoted 0 times
...
Krystina
17 days ago
C) Putting the IP in a threat intel list is a good way to track it.
upvoted 0 times
...
Veronika
22 days ago
Haha, who needs a firewall when you can just unplug the internet?
upvoted 0 times
...
Ligia
27 days ago
D) Blocking the IP with a deny rule in the firewall is the way to go.
upvoted 0 times
...
Werner
1 month ago
B) Adding the IP to an external dynamic list used by the firewall is the best method.
upvoted 0 times
...
Kerry
1 month ago
I keep second-guessing myself, but I feel like A is definitely not the right choice since it involves a ticket. We need something more immediate.
upvoted 0 times
...
Keena
1 month ago
I practiced a similar question, and I feel like D is too manual. We want something that doesn't require a firewall change, so I think B is the way to go.
upvoted 0 times
...
Merri
2 months ago
I think the best option might be B, adding the IP to an external dynamic list. It seems like a way to automate the blocking without needing a manual change.
upvoted 0 times
...
Albina
2 months ago
Hmm, I'm not sure if I fully understand the differences between the options. Can someone clarify whether creating a dynamic list (option B) is more effective than just adding the IP to a threat intelligence list (option C)? I want to make sure I pick the best approach.
upvoted 0 times
...
Devora
2 months ago
Option D seems like the most direct way to block the IP, but I'm worried that creating a custom firewall rule might require more manual intervention down the line. I'm leaning towards B to keep things automated and low-maintenance.
upvoted 0 times
...
Teri
2 months ago
I agree, B makes sense. Dynamic lists are efficient for this.
upvoted 0 times
...
Alesia
2 months ago
B is the way to go! External dynamic lists are super effective.
upvoted 0 times
...
Rosio
2 months ago
I think option B is the best choice. It’s quick and doesn’t need a firewall change.
upvoted 0 times
...
Una
3 months ago
I'm not entirely sure, but I remember something about using threat intelligence lists. Maybe C could be useful for future alerts, but it doesn't block the IP immediately.
upvoted 0 times
...
Emilio
3 months ago
But what about option C? Elevating alerts could help in the long run.
upvoted 0 times
...
Ronnie
3 months ago
I'm a bit confused on the differences between the options. Is option C just for prioritizing alerts, or does it actually block the IP as well? I want to make sure I fully understand the implications of each choice.
upvoted 0 times
...
Dino
3 months ago
I think option B is the best approach here. Creating a dynamic list that the firewall can reference seems like the most automated and efficient way to block this IP without having to manually configure the firewall.
upvoted 0 times
...

Save Cancel