Exam XSIAM-Engineer Topic 2 Question 111 Discussion

Actual exam question for Palo Alto Networks's XSIAM-Engineer exam
Question #: 111
Topic #: 2

A company is evaluating the security posture of its existing CI/CD pipelines and DevOps practices to align with XSIAM's DevSecOps principles. They use Jenkins for CI/CD, Gitlab for source code management, and deploy to Kubernetes clusters. What specific telemetry sources from this ecosystem are crucial for XSIAM, and how can XSIAM contribute to improving their 'shift-left' security posture?

A. Crucial Telemetry: Only security scans from Jenkins. XSIAM Contribution: Provides a dashboard for vulnerability scan results from Jenkins. B. Crucial Telemetry: Git commit logs, Jenkins build logs (including static application security testing (SAST) and dynamic application security testing (DAST) results), container image scan results from registries, Kubernetes audit logs. XSIAM Contribution: Consolidates these diverse logs for correlation, anomaly detection (e.g., unauthorized changes to CI/CD configs), and can trigger automated responses based on detected risks early in the pipeline. C. Crucial Telemetry: Network flow logs from Kubernetes pods. XSIAM Contribution: Monitors network traffic for anomalies within the build environment. D. Crucial Telemetry: CPU and memory utilization metrics from Jenkins agents. XSIAM Contribution: Optimizes resource allocation for CI/CD pipelines based on security posture. E. Crucial Telemetry: User login activity to Jenkins. XSIAM Contribution: Provides basic user authentication logs from Jenkins.

Suggested Answer: B Vote an answer

To achieve effective 'shift-left' security with XSIAM, comprehensive telemetry from the entire CI/CD pipeline is necessary. This includes source code changes (Git logs), build and test results (Jenkins logs, including SAST/DAST), artifact integrity (container registry scans), and runtime security (Kubernetes audit logs, runtime protection for containers via Cortex XDR). XSIAM's strength lies in its ability to ingest, correlate, and analyze this disparate data, identifying threats, misconfigurations, or policy violations earlier in the development lifecycle, thereby 'shifting security left.' It provides consolidated visibility and the ability to automate responses based on these insights.

by Noah at Mar 30, 2026, 12:25 AM

Limited Time Offer

15%

Off

Get Premium XSIAM-Engineer Questions as Interactive Self Test Engine or PDF

Comments

Here are all the actual test exam dumps for IT exams. Most people prepare for the actual exams with our test dumps to pass their exams. So it's critical to choose and actual test pdf to succeed.

RECENT DISCUSSIONS

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Disclaimer:
Actual4test doesn't offer Real SANS and GIAC Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates
Actual4test material do not contain actual actual Oracle Exam Questions or material.
Actual4test doesn't offer Real Microsoft Exam Questions.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation
Actual4test Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Actual4test does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Actual4test does not own or claim any ownership on any of the brands.