Palo Alto Networks PSE-Cortex Certification Exam Dumps with 60 Practice Test Questions
New PSE-Cortex Exam Dumps with High Passing Rate
NEW QUESTION 21
Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types?
(Choose three.)
- A. Set reminders for an incident SLA
- B. Define whether a playbook runs automatically when an incident type is encountered
- C. Drop new incidents of the same type that contain similar information
- D. Add new fields to an incident type
- E. Define the way that incidents of a specific type are displayed in the system
Answer: B,C,E
NEW QUESTION 22
Which two filter operators are available in Cortex XDR? (Choose two.)
- A. =>
- B. < >
- C. !*
- D. not Contains
Answer: C,D
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr-pro/use-c
NEW QUESTION 23
Which Cortex XDR capability extends investigations to an endpoint?
- A. Sensors
- B. Live Terminal
- C. Causality Chain
- D. Log Stitching
Answer: D
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-conc
NEW QUESTION 24
The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?
- A. disable SSL decryption
- B. reinstall the root CA certificate
- C. enable SSL decryption
- D. add paloaltonetworks com to the SSL Decryption Exclusion list
Answer: B
NEW QUESTION 25
What is the difference between an exception and an exclusion?
- A. An exclusion does not exist
- B. An exclusion is based on rules and exceptions are based on alerts.
- C. An exception is based on rules and exclusions are on alerts
- D. An exception does not exist
Answer: C
NEW QUESTION 26
The certificate used for decryption was installed as a trusted toot CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console.What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?
- A. disable SSL decryption
- B. enable SSL decryption
- C. add paloaltonetworks.com to the SSL Decryption Exclusion list
- D. reinstall the root CA certificate
Answer: A
NEW QUESTION 27
Whichfour types of Traps logs are stored within Cortex Data Lake?
- A. Threat, Monitor. System, Analytic
- B. Threat, Config, System,Data
- C. Threat, Config, Authentication, Analytic
- D. Threat, Config, System, Analytic
Answer: B
NEW QUESTION 28
Which deployment type supports installation of an engine on Windows, Mac OS. and Linux?
- A. ZIP
- B. SH
- C. DEB
- D. RPM
Answer: A
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-config
NEW QUESTION 29
What are process exceptions used for?
- A. change the WildFire verdict for a given executable
- B. permit processes to load specific DLLs
- C. whitelist programs from WildFire analysis
- D. disable an EPM for a particular process
Answer: C
NEW QUESTION 30
Which two types of lOCs are available for creation in Cortex XDR? (Choose two.)
- A. domain
- B. IP
- C. endpoint hostname
- D. registry entry
Answer: A,B
NEW QUESTION 31
If a customer activates a TMS tenant and has not purchased a Cortex Data Lake instance.
Palo Alto Networks will provide the customer with a free instance
What size is this free Cortex Data Lake instance?
- A. 10 TB
- B. 1 TB
- C. 10 GB
- D. 100 GB
Answer: D
NEW QUESTION 32
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?
- A. Device Control
- B. Agent Configuration
- C. Device Customization
- D. Agent Management
Answer: A
Explanation:
Explanation
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231
NEW QUESTION 33
Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?
Which two playbook functionalities allow looping through a group of tasks during playbook execution?
(Choose two.)
- A. Generic Polling Automation Playbook
- B. Playbook Tasks
- C. Playbook Functions
- D. Sub-Play books
Answer: C,D
NEW QUESTION 34
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second Image? (Choose two.) SUCCESS
- A. The modified scnpt was run in the wrong Docker image
- B. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data"
- C. The dictionary was defined incorrectly in the second script.
- D. The modified script required a different parameter to run successfully.
Answer: A
NEW QUESTION 35
Which two formats are supported by Whitelist? (Choose two)
- A. CSV
- B. STIX
- C. Regex
- D. CIDR
Answer: C,D
NEW QUESTION 36
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
- A. Domain/workgroup membership
- B. quarantine status
- C. attack threat intelligence tag
- D. hostname
- E. OS
Answer: A,D,E
NEW QUESTION 37
In the DBotScore context field, which context key would differentiate between multiple entries for the same indicator in a multi-TIP environment?
- A. Type
- B. Brand
- C. Vendor
- D. Using
Answer: C
NEW QUESTION 38
Which two types of lOCs are available for creation in Cortex XDR? (Choose two.)
- A. registry entry
- B. domain
- C. IP
- D. endpoint hostname
Answer: A,D
NEW QUESTION 39
Which two formats are supported by Whitelist? (Choose two)
- A. Regex
- B. CSV
- C. STIX
- D. CIDR
Answer: B,D
NEW QUESTION 40
......
Get PSE-Cortex Braindumps & PSE-Cortex Real Exam Questions: https://pass4sures.freepdfdump.top/PSE-Cortex-valid-torrent.html
