Most Recent Palo Alto Networks XDR-Engineer Exam Dumps

Prepare for the Palo Alto Networks Certified XDR Engineer exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Palo Alto Networks XDR-Engineer exam and achieve success.

The questions for XDR-Engineer were last updated on Jun 16, 2025.

Viewing page 1 out of 10 pages.
Viewing questions 1-5 out of 50 questions

Get All 50 Questions & Answers

Question No. 1

[Cortex XDR Agent Configuration]

A security audit determines that the Windows Cortex XDR host-based firewall is not blocking outbound RDP connections for certain remote workers. The audit report confirms the following:

All devices are running healthy Cortex XDR agents.

A single host-based firewall rule to block all outbound RDP is implemented.

The policy hosting the profile containing the rule applies to all Windows endpoints.

The logic within the firewall rule is adequate.

Further testing concludes RDP is successfully being blocked on all devices tested at company HQ.

Network location configuration in Agent Settings is enabled on all Windows endpoints.What is the likely reason the RDP connections are not being blocked?

AThe profile's default action for outbound traffic is set to Allow

BThe pertinent host-based firewall rule group is only applied to external rule groups

CReport mode is set to Enabled in the report settings under the profile configuration

DThe pertinent host-based firewall rule group is only applied to internal rule groups

Show Answer

Correct Answer: D

Question No. 2

[Planning and Installation]

When using Kerberos as the authentication method for Pathfinder, which two settings must be validated on the DNS server? (Choose two.)

ADNS forwarders

BReverse DNS zone

CReverse DNS records

DAD DS-integrated zones

Show Answer

Correct Answer: B, C

Question No. 3

[Data Ingestion and Integration]

When onboarding a Palo Alto Networks NGFW to Cortex XDR, what must be done to confirm that logs are being ingested successfully after a device is selected and verified?

AConduct an XQL query for NGFW log data

BWait for an incident that involves the NGFW to populate

CConfirm that the selected device has a valid certificate

DRetrieve device certificate from NGFW dashboard

Show Answer

Correct Answer: A

Question No. 4

[Cortex XDR Agent Configuration]

How can a Malware profile be configured to prevent a specific executable from being uploaded to the cloud?

ADisable on-demand file examination for the executable

BSet PE and DLL examination for the executable to report action mode

CAdd the executable to the allow list for executions

DCreate an exclusion rule for the executable

Show Answer

Correct Answer: D

Question No. 5

[Playbook Creation and Automation]

An XDR engineer is configuring an automation playbook to respond to high-severity malware alerts by automatically isolating the affected endpoint and notifying the security team via email. The playbook should only trigger for alerts generated by the Cortex XDR analytics engine, not custom BIOCs. Which two conditions should the engineer include in the playbook trigger to meet these requirements? (Choose two.)

AAlert severity is High

BAlert source is Cortex XDR Analytics

CAlert category is Malware

DAlert status is New

Show Answer

Correct Answer: A, C

Unlock All Questions for Palo Alto Networks XDR-Engineer Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 50 Questions & Answers