Palo Alto Networks Certified XDR Engineer XDR-Engineer Exam Questions

Page: 1 / 14
Total 50 questions
Question 1

[Planning and Installation]

When using Kerberos as the authentication method for Pathfinder, which two settings must be validated on the DNS server? (Choose two.)



Answer : B, C


Question 2

[Data Ingestion and Integration]

In addition to using valid authentication credentials, what is required to enable the setup of the Database Collector applet on the Broker VM to ingest database activity?



Answer : A


Question 3

[Data Ingestion and Integration]

How can a customer ingest additional events from a Windows DHCP server into Cortex XDR with minimal configuration?



Answer : B


Question 4

[Maintenance and Troubleshooting]

Log events from a previously deployed Windows XDR Collector agent are no longer being observed in the console after an OS upgrade. Which aspect of the log events is the probable cause of this behavior?



Answer : A


Question 5

[Dashboards and Reporting]

An engineer is building a dashboard to visualize the number of alerts from various sources. One of the widgets from the dashboard is shown in the image below:

The engineer wants to configure a drilldown on this widget to allow dashboard users to select any of the alert names and view those alerts with additional relevant details. The engineer has configured the following XQL query to meet the requirement:

dataset = alerts

| fields alert_name, description, alert_source, severity, original_tags, alert_id, incident_id

| filter alert_name =

| sort desc _time

How will the engineer complete the third line of the query (filter alert_name =) to allow dynamic filtering on a selected alert name?



Answer : B


Question 6

[Post-Deployment Management and Configuration]

Using the Cortex XDR console, how can additional network access be allowed from a set of IP addresses to an isolated endpoint?



Answer : C


Question 7

[Data Ingestion and Integration]

An administrator wants to employ reusable rules within custom parsing rules to apply consistent log field extraction across multiple data sources. Which section of the parsing rule should the administrator use to define those reusable rules in Cortex XDR?



Answer : D

