Summer Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

PSE-Cortex Sample Questions Answers

Questions 4

Which option is required to prepare the VDI Golden Image?

Options:

A.

Configure the Golden Image as a persistent VDI

B.

Use the Cortex XDR VDI tool to obtain verdicts for all PE files

C.

Install the Cortex XOR Agent on the local machine

D.

Run the Cortex VDI conversion tool

Buy Now
Questions 5

A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.

Where would the user configure the ratio of storage for each log type?

Options:

A.

Within the TMS, create an agent settings profile and modify the Disk Quota value

B.

It is not possible to configure Cortex Data Lake quota for specific log types.

C.

Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota

D.

Write a GPO for each endpoint agent to check in less often

Buy Now
Questions 6

In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three )

Options:

A.

alert root cause

B.

hostname

C.

domain/workgroup membership

D.

OS

E.

presence of Flash executable

Buy Now
Questions 7

An Administrator is alerted to a Suspicious Process Creation security event from multiple users.

The users believe that these events are false positives Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two )

Options:

A.

With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module

B.

Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist

C.

In the Cortex XDR security event, review the specific parent process, child process, and command line arguments

D.

Contact support and ask for a security exception.

Buy Now
Questions 8

Which task allows the playbook to follow different paths based on specific conditions?

Options:

A.

Conditional

B.

Automation

C.

Manual

D.

Parallel

Buy Now
Questions 9

How many use cases should a POC success criteria document include?

Options:

A.

only 1

B.

3 or more

C.

no more than 5

D.

no more than 2

Buy Now
Questions 10

How can you view all the relevant incidents for an indicator?

Options:

A.

Linked Incidents column in Indicator Screen

B.

Linked Indicators column in Incident Screen

C.

Related Indicators column in Incident Screen

D.

Related Incidents column in Indicator Screen

Buy Now
Questions 11

The prospect is deciding whether to go with a phishing or a ServiceNow use case as part of their POC We have integrations for both but a playbook for phishing only Which use case should be used for the POC?

Options:

A.

phishing

B.

either

C.

ServiceNow

D.

neither

Buy Now
Questions 12

Which two items are stitched to the Cortex XDR causality chain'' (Choose two)

Options:

A.

firewall alert

B.

SIEM alert

C.

full URL

D.

registry set value

Buy Now
Questions 13

Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)

Options:

A.

Generic Polling Automation Playbook

B.

Playbook Tasks

C.

Sub-Play books

D.

Playbook Functions

Buy Now
Questions 14

When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?

Options:

A.

splunk-get-alerts integration command

B.

Cortex XSOAR TA App for Splunk

C.

SplunkSearch automation

D.

SplunkGO integration

Buy Now
Questions 15

During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.

During the service instance provisioning which three DNS host names are created? (Choose three.)

Options:

A.

cc-xnet50.traps.paloaltonetworks.com

B.

hc-xnet50.traps.paloaltonetworks.com

C.

cc-xnet.traps.paloaltonetworks.com

D.

cc.xnet50traps.paloaltonetworks.com

E.

xnettraps.paloaltonetworks.com

F.

ch-xnet.traps.paloaltonetworks.com

Buy Now
Questions 16

How does an "inline" auto-extract task affect playbook execution?

Options:

A.

Doesn't wait until the indicators are enriched and continues executing the next step

B.

Doesn't wait until the indicators are enriched but populate context data before executing the next

C.

step. Wait until the indicators are enriched but doesn't populate context data before executing the next step.

D.

Wait until the indicators are enriched and populate context data before executing the next step.

Buy Now
Questions 17

In the DBotScore context field, which context key would differentiate between multiple entries for the same indicator in a multi-TIP environment?

Options:

A.

Vendor

B.

Type

C.

Using

D.

Brand

Buy Now
Questions 18

What is the difference between an exception and an exclusion?

Options:

A.

An exception is based on rules and exclusions are on alerts

B.

An exclusion is based on rules and exceptions are based on alerts.

C.

An exception does not exist

D.

An exclusion does not exist

Buy Now
Exam Code: PSE-Cortex
Exam Name: Palo Alto Networks System Engineer - Cortex Professional
Last Update: Jun 18, 2024
Questions: 60
$64  $159.99
$48  $119.99
$40  $99.99
buy now PSE-Cortex