  • Exam Name: Palo Alto Networks System Engineer - Cortex Professional
  • Last Update: Oct 4, 2024
  • Questions and Answers: 60

PSE-Cortex Practice Exam Questions with Answers Palo Alto Networks System Engineer - Cortex Professional Certification

Question # 6

An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for exfiltrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger?

A. Uncommon Local Scheduled Task Creation
B. Malware
C. New Administrative Behavior
D. DNS Tunneling

Question # 7

Which process in the causality chain does the Cortex XDR agent identify as triggering an event sequence?

A. the relevant shell
B. The causality group owner
C. the adversary's remote process
D. the chain's alert initiator

Question # 8

How does an "inline" auto-extract task affect playbook execution?

A. Doesn't wait until the indicators are enriched and continues executing the next step
B. Doesn't wait until the indicators are enriched but populate context data before executing the next step.
C. Wait until the indicators are enriched but doesn't populate context data before executing the next step.
D. Wait until the indicators are enriched and populate context data before executing the next step.

Question # 9

When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?

A. splunk-get-alerts integration command
B. Cortex XSOAR TA App for Splunk
C. SplunkSearch automation
D. SplunkGO integration

Question # 10

Which Cortex XDR capability extends investigations to an endpoint?

A. Log Stitching
B. Causality Chain
C. Sensors
D. Live Terminal

Question # 11

Which two types of IOCs are available for creation in Cortex XDR? (Choose two.)

A. IP
B. endpoint hostname
C. domain
D. registry entry

Question # 12

Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)

A. Generic Polling Automation Playbook
B. Playbook Tasks
C. Sub-Playbooks
D. Playbook Functions

Question # 13

An Administrator is alerted to a Suspicious Process Creation security event from multiple users.

The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)

A. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module
B. Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist
C. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments
D. Contact support and ask for a security exception.

Question # 14

What are two manual actions allowed on War Room entries? (Choose two.)

A. Mark as artifact
B. Mark as scheduled entry
C. Mark as note
D. Mark as evidence

Question # 15

Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

A. Agent Configuration
B. Device Control
C. Device Customization
D. Agent Management

Question # 16

What is the result of creating an exception from an exploit security event?

A. Whitelists the process from WildFire analysis
B. exempts the user from generating events for 24 hours
C. exempts administrators from generating alerts for 24 hours
D. disables the triggered EPM for the host and process involved

Question # 17

When analyzing logs for indicators, which are used for only BIOC identification?

A. observed activity
B. artifacts
C. techniques
D. error messages

Question # 18

A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.

Where would the user configure the ratio of storage for each log type?

A. Within the TMS, create an agent settings profile and modify the Disk Quota value
B. It is not possible to configure Cortex Data Lake quota for specific log types.
C. Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota
D. Write a GPO for each endpoint agent to check in less often
