1. Home
  2. Palo Alto Networks
  3. PSE-CORTEX

Palo Alto Networks System Engineer - Cortex Professional

Exam Details

  • Exam Code
    :PSE-CORTEX
  • Exam Name
    :Palo Alto Networks System Engineer - Cortex Professional
  • Certification
    :PSE-Cortex Professional
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :60 Q&As
  • Last Updated
    :May 15, 2024

Palo Alto Networks PSE-Cortex Professional PSE-CORTEX Questions & Answers

  • Question 41:

    When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?

    A. splunk-get-alerts integration command

    B. Cortex XSOAR TA App for Splunk

    C. SplunkSearch automation

    D. SplunkGO integration

  • Question 42:

    What is the result of creating an exception from an exploit security event?

    A. White lists the process from Wild Fire analysis

    B. exempts the user from generating events for 24 hours

    C. exempts administrators from generating alerts for 24 hours

    D. disables the triggered EPM for the host and process involve

  • Question 43:

    Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

    A. Agent Configuration

    B. Device Control

    C. Device Customization

    D. Agent Management

  • Question 44:

    Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types? (Choose three.)

    A. Define whether a playbook runs automatically when an incident type is encountered

    B. Set reminders for an incident SLA

    C. Add new fields to an incident type

    D. Define the way that incidents of a specific type are displayed in the system

    E. Drop new incidents of the same type that contain similar information

  • Question 45:

    Which process in the causality chain does the Cortex XDR agent identify as triggering an event sequence?

    A. the relevant shell

    B. The causality group owner

    C. the adversary's remote process

    D. the chain's alert initiator

  • Question 46:

    When a Demisto Engine is part of a Load-Balancing group it?

    A. Must be in a Load-Balancing group with at least another 3 members

    B. It must have port 443 open to allow the Demisto Server to establish a connection

    C. Can be used separately as an engine, only if connected to the Demisto Server directly

    D. Cannot be used separately and does not appear in the in the engines drop-down menu when configuring an integration instance

  • Question 47:

    What are process exceptions used for?

    A. whitelist programs from WildFire analysis

    B. permit processes to load specific DLLs

    C. change the WildFire verdict for a given executable

    D. disable an EPM for a particular process

  • Question 48:

    Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

    Desmisto REST API

    Name: Demisto REST API_instance_1

    Demisto Server URL: https://127.0.0.1

    Demisto Server API Key: *******

    User system proxy settings

    Use sigle engine: No engine

    ! Script failed to run: Demisto REST APIs-

    Request Failed.

    Status code:1

    Body:{"StatusCode":-1,"Status":"Get https://127.0.0.1/user:x509;cannot validate certificate for 127.0.0.1 because it doesn't contain any IP SANs","Cookies":

    [],"Body":"","Bytes":[],"Headers":{},"Path":"}, at sendRequest(script:59:23(79)):(2603)

    Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)

    A. Generic Polling Automation Playbook

    B. Playbook Tasks

    C. Sub-Play books

    D. Playbook Functions

  • Question 49:

    The certificate used for decryption was installed as a trusted toot CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console.What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

    A. add paloaltonetworks.com to the SSL Decryption Exclusion list

    B. enable SSL decryption

    C. disable SSL decryption

    D. reinstall the root CA certificate

  • Question 50:

    An antivirus refresh project was initiated by the IT operations executive. Who is the best source for discussion about the project's operational considerations'?

    A. endpoint manager

    B. SOC manager

    C. SOC analyst

    D. desktop engineer

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-CORTEX exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.