Q: 1
A network security engineer wants to forward Strata Logging Service data to tools used by the
Security Operations Center (SOC) for further investigation. In which best practice step of Palo Alto
Networks Zero Trust does this fit?
Options
Discussion
D or B? If they mean regular monitoring, D fits, but if it's setup, I might pick B.
Why not C? Mapping and verifying are before you're logging but standards could include setting up log forwarding policies.
D here. Forwarding logs to the SOC is part of ongoing reporting and monitoring, not just one-time setup. Pretty sure that's why it fits with Report and Maintenance.
B tbh, because configuring forwarding could be part of Implementation, not just ongoing ops like D suggests.
D fits here, since sending logs to the SOC is about continuous monitoring and reporting, not just initial setup. That's straight into Report and Maintenance for Zero Trust best practices in Palo. Pretty sure on this one, but happy if someone sees it different.
D
I don't think it's D here, seems more like B. The trap is that 'forwarding' the logs could just be setting up the integration during implementation, not regular monitoring/reporting. Did I miss something?
A is wrong, D fits. Forwarding Strata logs to SOC tools is ongoing monitoring, not just setup. That's why it's part of Report and Maintenance in Palo's Zero Trust steps. I'm pretty sure that's what the exam expects here, but open to a different take.
Definitely D. Log forwarding for SOC use is part of ongoing Report and Maintenance, not a one-off config. Agree?
D not B. Implementation's a trap here, pretty sure log forwarding to SOC is ongoing ops under Report and Maintenance per other exam reports.