Mar 01, 2023 Step by Step Guide to Prepare for PSE-Cortex Exam BrainDumps
Palo Alto Networks Certification PSE-Cortex Real Exam Questions and Answers FREE Updated on 2023
NEW QUESTION 20
Which four types of Traps logs are stored within Cortex Data Lake?
- A. Threat, Config, System, Data
- B. Threat, Monitor, System, Analytic
- C. Threat, Config, Authentication, Analytic
- D. Threat, Config, System, Analytic
Answer: A
NEW QUESTION 21
Which two items are stitched to the Cortex XDR causality chain? (Choose two.)
- A. full URL
- B. SIEM alert
- C. firewall alert
- D. registry set value
Answer: A,C
NEW QUESTION 22
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second image? (Choose two.)
- A. The dictionary was defined incorrectly in the second script.
- B. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data"
- C. The modified script was run in the wrong Docker image
- D. The modified script required a different parameter to run successfully.
Answer: C
NEW QUESTION 23
Which deployment type supports installation of an engine on Windows, Mac OS, and Linux?
- A. ZIP
- B. DEB
- C. RPM
- D. SH
Answer: A
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-configure-demisto-engines/create-a-new-engine.html
NEW QUESTION 24
The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?
- A. add paloaltonetworks.com to the SSL Decryption Exclusion list
- B. enable SSL decryption
- C. disable SSL decryption
- D. reinstall the root CA certificate
Answer: C
NEW QUESTION 25
What are two manual actions allowed on War Room entries? (Choose two.)
- A. Mark as artifact
- B. Mark as scheduled entry
- C. Mark as note
- D. Mark as evidence
Answer: A
NEW QUESTION 26
Which two types of IOCs are available for creation in Cortex XDR? (Choose two.)
- A. registry entry
- B. domain
- C. endpoint hostname
- D. IP
Answer: A,C
NEW QUESTION 27
During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.
During the service instance provisioning which three DNS host names are created? (Choose three.)
- A. ch-xnet.traps.paloaltonetworks.com
- B. cc-xnet.traps.paloaltonetworks.com
- C. hc-xnet50.traps.paloaltonetworks.com
- D. cc-xnet50.traps.paloaltonetworks.com
- E. xnettraps.paloaltonetworks.com
- F. cc.xnet50traps.paloaltonetworks.com
Answer: A,B,D
NEW QUESTION 28
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?
- A. Device Control
- B. Agent Configuration
- C. Device Customization
- D. Agent Management
Answer: A
Explanation:
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231
NEW QUESTION 29
Which two formats are supported by Whitelist? (Choose two.)
- A. STIX
- B. Regex
- C. CSV
- D. CIDR
Answer: B,D
NEW QUESTION 30
In an air-gapped environment where the Docker package was manually installed after the Cortex XSOAR installation, which action allows Cortex XSOAR to access Docker?
- A. enable the docker service
- B. create a "Cortex XSOAR" or "demisto" group and add the "docker" user to this group
- C. disable the Cortex XSOAR service
- D. create a "docker" group and add the "Cortex XSOAR" or "demisto" user to this group
Answer: D
NEW QUESTION 31
An EDR project was initiated by a CISO. Which resource will likely have the heaviest influence on the project?
- A. operations manager
- B. SOC manager
- C. desktop engineer
- D. SOC analyst IT
Answer: B
NEW QUESTION 32
The customer has indicated they need EDR data collection capabilities. Which Cortex XDR license is required?
- A. Cortex XDR Pro Per Endpoint
- B. Cortex XDR Prevent
- C. Cortex XDR Endpoint
- D. Cortex XDR Pro per TB
Answer: A
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-licenses/migrate-your-cortex-xdr-license
NEW QUESTION 33
Which option describes a Load-Balancing Engine Group?
- A. A group of engines that use an algorithm to efficiently share the workload for automation scripts
- B. A group of D2 agents that share processing power across multiple endpoints
- C. A group of engines that ensure High Availability of Demisto backend databases.
- D. A group of engines that use an algorithm to efficiently share the workload for integrations
Answer: A
NEW QUESTION 34
Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?
Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)
- A. Sub-Playbooks
- B. Playbook Functions
- C. Playbook Tasks
- D. Generic Polling Automation Playbook
Answer: A,D
NEW QUESTION 35
Which two log types should be configured for firewall forwarding to the Cortex Data Lake for use by Cortex XDR? (Choose two.)
- A. HIP
- B. Correlation
- C. Security Event
- D. Analytics
Answer: C,D
NEW QUESTION 36
How can you view all the relevant incidents for an indicator?
- A. Related Incidents column in Indicator Screen
- B. Related Indicators column in Incident Screen
- C. Linked Incidents column in Indicator Screen
- D. Linked Indicators column in Incident Screen
Answer: D
