Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PSE-Cortex Topic 1 Question 50 Discussion

Actual exam question for Palo Alto Networks's PSE-Cortex exam
Question #: 50
Topic #: 1
[All PSE-Cortex Questions]

The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

Yolande
6 months ago
I think we should first try adding paloaltonetworks.com to the SSL Decryption Exclusion list.
upvoted 0 times
...
Lizbeth
6 months ago
But what if the certificate was installed properly? Should we still reinstall it?
upvoted 0 times
...
Alpha
6 months ago
I believe option D is the best choice, we should reinstall the root CA certificate.
upvoted 0 times
...
Stanford
7 months ago
I think we need to check if the certificate was installed correctly.
upvoted 0 times
...
Ty
8 months ago
Hmm, that's a good point. I wonder if that would be the most elegant solution though. Reinstalling the root CA just feels like it would be the most straightforward way to address the issue.
upvoted 0 times
...
Jovita
8 months ago
Yeah, but adding paloaltonetworks.com to the SSL Decryption Exclusion list could also work, right? That way, the traffic between the agents and the console wouldn't be decrypted, preserving the trust.
upvoted 0 times
...
Apolonia
8 months ago
I agree. If the issue is that the agents aren't communicating with the console, then reinstalling the root CA certificate seems like the logical step to take. That should ensure the trust is properly established again.
upvoted 0 times
...
Carlee
8 months ago
Hmm, this question seems a bit tricky. If the certificate was installed as a trusted root CA, then I don't think disabling SSL decryption would be the right answer. That would just break the communication altogether.
upvoted 0 times
Charlie
7 months ago
Sounds good. Let's give that a try.
upvoted 0 times
...
Gladys
7 months ago
Yeah, I agree. Let's go with option D and reinstall the certificate.
upvoted 0 times
...
Rachael
8 months ago
But wouldn't enabling SSL decryption defeat the purpose of having a root CA certificate?
upvoted 0 times
...
Charlene
8 months ago
B) enable SSL decryption
upvoted 0 times
...
Doretha
8 months ago
I think option D makes more sense. The certificate may have been corrupted.
upvoted 0 times
...
Jina
8 months ago
D) reinstall the root CA certificate
upvoted 0 times
...
Emilio
8 months ago
A) add paloaltonetworks com to the SSL Decryption Exclusion list
upvoted 0 times
...
...

Save Cancel