PSE-CORTEX Exam Details

  • Exam Code
    :PSE-CORTEX
  • Exam Name
    :Palo Alto Networks System Engineer Professional - Cortex
  • Certification
    :Palo Alto Networks Certifications
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :182 Q&As
  • Last Updated
    :Jul 15, 2026

Palo Alto Networks PSE-CORTEX Online Questions & Answers

  • Question 51:

    During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.

    During the service instance provisioning which three DNS host names are created? (Choose three.)

    A. cc-xnet50.traps.paloaltonetworks.com
    B. hc-xnet50.traps.paloaltonetworks.com
    C. cc-xnet.traps.paloaltonetworks.com
    D. cc.xnet50traps.paloaltonetworks.com
    E. xnettraps.paloaltonetworks.com
    F. ch-xnet.traps.paloaltonetworks.com

  • Question 52:

    When a Demisto Engine is part of a Load-Balancing group it?

    A. Must be in a Load-Balancing group with at least another 3 members
    B. It must have port 443 open to allow the Demisto Server to establish a connection
    C. Can be used separately as an engine, only if connected to the Demisto Server directly
    D. Cannot be used separately and does not appear in the in the engines drop-down menu when configuring an integration instance

  • Question 53:

    A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?

    A. Extend the POC window to allow the solution architects to build it
    B. Tell them we can build it with Professional Services.
    C. Tell them custom integrations are not created as part of the POC
    D. Agree to build the integration as part of the POC

  • Question 54:

    Which CLI query would bring back Notable Events from Splunk?

    A. ! splunk-search query=" `notable` | head 3"
    B. ! splunk-search query=" 'notable' | head 3"
    C. ! splunk-search query="*"
    D. ! splunk-search query="* | head 3"

  • Question 55:

    The prospect is deciding whether to go with a phishing or a ServiceNow use case as part of their POC We have integrations for both but a playbook for phishing only Which use case should be used for the POC?

    A. phishing
    B. either
    C. ServiceNow
    D. neither

  • Question 56:

    What is the difference between an exception and an exclusion?

    A. An exception is based on rules and exclusions are on alerts
    B. An exclusion is based on rules and exceptions are based on alerts.
    C. An exception does not exist
    D. An exclusion does not exist

  • Question 57:

    In an Air-Gapped environment where the Docker package was manually installed after the Cortex XSOAR installation which action allows Cortex XSOAR to access Docker?

    A. create a "docker" group and add the "Cortex XSOAR" or "demisto" user to this group
    B. create a "Cortex XSOAR' or "demisto" group and add the "docker" user to this group
    C. disable the Cortex XSOAR service
    D. enable the docker service

  • Question 58:

    A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake. Where would the user configure the ratio of storage for each log type?

    A. Within the TMS, create an agent settings profile and modify the Disk Quota value
    B. It is not possible to configure Cortex Data Lake quota for specific log types.
    C. Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota
    D. Write a GPO for each endpoint agent to check in less often

  • Question 59:

    Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

    Desmisto REST API

    Name: Demisto REST API_instance_1

    Demisto Server URL: https://127.0.0.1

    Demisto Server API Key: *******

    User system proxy settings

    Use sigle engine: No engine

    ! Script failed to run: Demisto REST APIs-

    Request Failed.

    Status code:1

    Body:{"StatusCode":-1,"Status":"Get https://127.0.0.1/user:x509;cannot validate certificate for 127.0.0.1 because it doesn't contain any IP SANs","Cookies":

    [],"Body":"","Bytes":[],"Headers":{},"Path":"}, at sendRequest(script:59:23(79)):(2603)

    Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)

    A. Generic Polling Automation Playbook
    B. Playbook Tasks
    C. Sub-Play books
    D. Playbook Functions

  • Question 60:

    If you have a playbook task that errors out. where could you see the output of the task?

    A. /var/log/messages
    B. War Room of the incident
    C. Demisto Audit log
    D. Playbook Editor

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-CORTEX exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.