Palo Alto Networks System Engineer – Cortex — Question 58

An existing Palo Alto Networks SASE customer expresses that their security operations practice is having difficulty using the SASE data to help detect threats in their environment. They understand that parts of the Cortex portfolio could potentially help them and have reached out for guidance on moving forward.

Which two Cortex products are good recommendation for this customer? (Choose two.)

Answer options

• A. Cortex XSOAR
• B. Cortex XDR
• C. Cortex Xpanse
• D. Cortex XSIAM

Correct answer: A, B

Explanation

Cortex XSOAR is designed for security orchestration, automation, and response, making it ideal for streamlining operations and enhancing threat detection. Cortex XDR integrates data from multiple sources for comprehensive detection and response capabilities. Cortex Xpanse focuses on attack surface management, which is less relevant for immediate threat detection, while Cortex XSIAM is more about security information and event management rather than direct threat identification.