Palo Alto Networks XDR-Engineer Actual Free Exam Questions & Community Discussion

Which components may be included in a Cortex XDR content update?

An engineer is building a dashboard to visualize the number of alerts from various sources. One of the widgets from the dashboard is shown in the image below:

The engineer wants to configure a drilldown on this widget to allow dashboard users to select any of the alert names and view those alerts with additional relevant details. The engineer has configured the following XQL query to meet the requirement:
dataset = alerts
| fields alert_name, description, alert_source, severity, original_tags, alert_id, incident_id
| filter alert_name =
| sort desc _time
How will the engineer complete the third line of the query (filter alert_name =) to allow dynamic filtering on a selected alert name?

An administrator wants to employ reusable rules within custom parsing rules to apply consistent log field extraction across multiple data sources. Which section of the parsing rule should the administrator use to define those reusable rules in Cortex XDR?

Some company employees are able to print documents when working from home, but not on network- attached printers, while others are able to print only to file. What can be inferred about the affected users' inability to print?

During the deployment of a Broker VM in a high availability (HA) environment, after configuring the Broker VM FQDN, an XDR engineer must ensure agent installer availability and efficient content caching to maintain performance consistency across failovers. Which additionalconfiguration steps should the engineer take?

A cloud administrator reports high network bandwidth costs attributed to Cortex XDR operations and asks for bandwidth usage to be optimized without compromising agent functionality. Which two techniques should the engineer implement? (Choose two.)