New (2021) Palo Alto Networks PSE-Cortex Exam Dumps
NEW QUESTION 36
Given the integration configuration and error in the screenshot, what is the cause of the problem?
- A. incorrect Username and Password
- B. incorrect appliance port
- C. incorrect server URL
- D. incorrect instance name
Answer: A
NEW QUESTION 37
A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript). The description and current configuration of the exploit are as follows:
What is the remaining configuration?
A)
B)
C)
D)
- A. Option A
- B. Option C
- C. Option B
- D. Option D
Answer: D
NEW QUESTION 38
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
- A. OS
- B. attack threat intelligence tag
- C. hostname
- D. quarantine status
- E. Domain/workgroup membership
Answer: A,C,E
NEW QUESTION 39
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second image? (Choose two.)
- A. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data".
- B. The modified script was run in the wrong Docker image.
- C. The modified script required a different parameter to run successfully.
- D. The dictionary was defined incorrectly in the second script.
Answer: B
NEW QUESTION 40
Cortex XDR can schedule recurring scans of endpoints for malware. Identify two methods for initiating an on-demand malware scan. (Choose two.)
- A. Endpoint > Endpoint Management
- B. the local console
- C. Response > Action Center
- D. Telnet
Answer: A,C
NEW QUESTION 41
An Administrator is alerted to a Suspicious Process Creation security event from multiple users.
The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)
- A. Within the Malware Security profile, add the specific parent process, child process, and command line argument to the child process whitelist
- B. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module
- C. Contact support and ask for a security exception.
- D. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments
Answer: A,D
NEW QUESTION 42
Which step is required to prepare the VDI Golden Image?
- A. Set the memory dumps to manual setting
- B. Run the VDI conversion tool
- C. Ensure the latest content updates are installed
- D. Review any PE files that WildFire determined to be malicious
Answer: D
NEW QUESTION 43
The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?
- A. enable SSL decryption
- B. reinstall the root CA certificate
- C. add paloaltonetworks.com to the SSL Decryption Exclusion list
- D. disable SSL decryption
Answer: B
NEW QUESTION 44
Which two formats are supported by Whitelist? (Choose two)
- A. CSV
- B. STIX
- C. CIDR
- D. Regex
Answer: C,D
NEW QUESTION 45
How many use cases should a POC success criteria document include?
- A. no more than 2
- B. only 1
- C. no more than 5
- D. 3 or more
Answer: A
NEW QUESTION 46
What is the retention requirement for Cortex Data Lake sizing?
- A. number of endpoints
- B. number of VM-Series NGFW
- C. number of days
- D. logs per second
Answer: C
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex-data-lake/set-log-storage-quota
NEW QUESTION 47
Which two types of IOCs are available for creation in Cortex XDR? (Choose two.)
- A. registry entry
- B. IP
- C. domain
- D. endpoint hostname
Answer: A,D
NEW QUESTION 48
A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?
- A. Tell them custom integrations are not created as part of the POC
- B. Extend the POC window to allow the solution architects to build it
- C. Agree to build the integration as part of the POC
- D. Tell them we can build it with Professional Services.
Answer: B
NEW QUESTION 49
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
- A. OS
- B. attack threat intelligence tag
- C. hostname
- D. Domain/workgroup membership
- E. quarantine status
Answer: A,C,E
NEW QUESTION 50
Which two formats are supported by Whitelist? (Choose two)
- A. Regex
- B. STIX
- C. CIDR
- D. CSV
Answer: C,D
NEW QUESTION 51
When analyzing logs for indicators, which are used only for BIOC identification?
- A. techniques
- B. artifacts
- C. observed activity
- D. error messages
Answer: C
NEW QUESTION 52
Which two types of IOCs are available for creation in Cortex XDR? (Choose two.)
- A. domain
- B. registry entry
- C. IP
- D. endpoint hostname
Answer: A,C
NEW QUESTION 53
Which four types of Traps logs are stored within Cortex Data Lake?
- A. Threat, Config, Authentication, Analytic
- B. Threat, Config, System, Data
- C. Threat, Config, System, Analytic
- D. Threat, Monitor, System, Analytic
Answer: C
NEW QUESTION 54
A General Purpose Dynamic Section can be added to which two layouts for incident types? (Choose two)
- A. "New"/"Edit" Incident Form
- B. "Close" Incident Form
- C. Incident Quick View
- D. Incident Summary
Answer: C,D
NEW QUESTION 55
During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.
During the service instance provisioning which three DNS host names are created? (Choose three.)
- A. xnettraps.paloaltonetworks.com
- B. cc-xnet50.traps.paloaltonetworks.com
- C. ch-xnet.traps.paloaltonetworks.com
- D. cc-xnet.traps.paloaltonetworks.com
- E. cc.xnet50traps.paloaltonetworks.com
- F. hc-xnet50.traps.paloaltonetworks.com
Answer: B,C,D
NEW QUESTION 56
How do sub-playbooks affect the Incident Context Data?
- A. When set to private, task outputs automatically get written to the root context
- B. When set to private, task outputs do not automatically get written to the root context
- C. When set to global, allows parallel task execution.
- D. When set to global, sub-playbook tasks do not have access to the root context
Answer: B
NEW QUESTION 57
Rearrange the steps into the correct order for modifying an incident layout.
Answer:
Explanation:
1 - Navigate to Settings > Advanced > Incident Types
2 - Select the incident type you want to customize the layout view for
3 - Edit the layout
4 - Select the Edit Layout option
5 - Navigate to Settings > Layout Builder
