PSE-Cortex | Validated Paloalto-Networks PSE-Cortex Free Practice Questions Online
Free demo questions for Paloalto-Networks PSE-Cortex Exam Dumps Below:
NEW QUESTION 1
If you have a playbook task that errors out, where could you see the output of the task?
- A. /var/log/messages
- B. War Room of the incident
- C. Demisto Audit log
- D. Playbook Editor
Answer: B
NEW QUESTION 2
What is the retention requirement for Cortex Data Lake sizing?
- A. number of endpoints
- B. number of VM-Series NGFW
- C. number of days
- D. logs per second
Answer: C
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-corte
NEW QUESTION 3
Which two entities can be created as a BIOC? (Choose two.)
- A. file
- B. registry
- C. event log
- D. alert log
Answer: AB
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/cortex-xd
NEW QUESTION 4
What is the result of creating an exception from an exploit security event?
- A. Whitelists the process from WildFire analysis
- B. exempts the user from generating events for 24 hours
- C. exempts administrators from generating alerts for 24 hours
- D. disables the triggered EPM for the host and process involved
Answer: D
NEW QUESTION 5
Which option describes a Load-Balancing Engine Group?
- A. A group of engines that use an algorithm to efficiently share the workload for integrations
- B. A group of engines that ensure High Availability of Demisto backend databases.
- C. A group of engines that use an algorithm to efficiently share the workload for automation scripts
- D. A group of D2 agents that share processing power across multiple endpoints
Answer: C
NEW QUESTION 6
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?
- A. Agent Configuration
- B. Device Control
- C. Device Customization
- D. Agent Management
Answer: B
Explanation:
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231
NEW QUESTION 7
What is the difference between an exception and an exclusion?
- A. An exception is based on rules and exclusions are based on alerts.
- B. An exclusion is based on rules and exceptions are based on alerts.
- C. An exception does not exist
- D. An exclusion does not exist
Answer: A
NEW QUESTION 8
Which two items are stitched to the Cortex XDR causality chain? (Choose two.)
- A. firewall alert
- B. SIEM alert
- C. full URL
- D. registry set value
Answer: AC
NEW QUESTION 9
Which two log types should be configured for firewall forwarding to the Cortex Data Lake for use by Cortex XDR? (Choose two)
- A. Security Event
- B. HIP
- C. Correlation
- D. Analytics
Answer: AB
NEW QUESTION 10
An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for exfiltrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger?
- A. Uncommon Local Scheduled Task Creation
- B. Malware
- C. New Administrative Behavior
- D. DNS Tunneling
Answer: B
NEW QUESTION 11
The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?
- A. add paloaltonetworks.com to the SSL Decryption Exclusion list
- B. enable SSL decryption
- C. disable SSL decryption
- D. reinstall the root CA certificate
Answer: D
NEW QUESTION 12
Which Cortex XDR capability extends investigations to an endpoint?
- A. Log Stitching
- B. Causality Chain
- C. Sensors
- D. Live Terminal
Answer: A
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-conc
NEW QUESTION 13
When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?
- A. splunk-get-alerts integration command
- B. Cortex XSOAR TA App for Splunk
- C. SplunkSearch automation
- D. SplunkGO integration
Answer: B
NEW QUESTION 14
Which two formats are supported by Whitelist? (Choose two)
- A. Regex
- B. STIX
- C. CSV
- D. CIDR
Answer: AD
NEW QUESTION 15
What are two manual actions allowed on War Room entries? (Choose two.)
- A. Mark as artifact
- B. Mark as scheduled entry
- C. Mark as note
- D. Mark as evidence
Answer: CD