• Home
  • Articles
  • Palo Alto Networks New 2022 PSE-Cortex Sample Questions Reliable PSE-Cortex Test Engine [Q27-Q48]

Palo Alto Networks New 2022 PSE-Cortex Sample Questions Reliable PSE-Cortex Test Engine [Q27-Q48]

Share

Palo Alto Networks New 2022 PSE-Cortex Sample Questions Reliable PSE-Cortex Test Engine

Feel Palo Alto Networks PSE-Cortex Dumps PDF Will likely be The best Option

NEW QUESTION 27
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

  • A. Agent Configuration
  • B. Device Control
  • C. Agent Management
  • D. Device Customization

Answer: B

Explanation:
Explanation
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231

 

NEW QUESTION 28
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

  • A. Agent Configuration
  • B. Device Control
  • C. Agent Management
  • D. Device Customization

Answer: B

Explanation:
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231

 

NEW QUESTION 29
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)

  • A. OS
  • B. Domain/workgroup membership
  • C. attack threat intelligence tag
  • D. hostname
  • E. quarantine status

Answer: A,D,E

 

NEW QUESTION 30
Which task allows the playbook to follow different paths based on specific conditions?

  • A. Manual
  • B. Parallel
  • C. Conditional
  • D. Automation

Answer: A

 

NEW QUESTION 31
What are process exceptions used for?

  • A. whitelist programs from WildFire analysis
  • B. permit processes to load specific DLLs
  • C. disable an EPM for a particular process
  • D. change the WildFire verdict for a given executable

Answer: C

 

NEW QUESTION 32
What is the difference between an exception and an exclusion?

  • A. An exclusion is based on rules and exceptions are based on alerts.
  • B. An exception does not exist
  • C. An exclusion does not exist
  • D. An exception is based on rules and exclusions are on alerts

Answer: D

 

NEW QUESTION 33
Which CLI query would bring back Notable Events from Splunk?
A)

B)

C)

D)

  • A. Option A
  • B. Option C
  • C. Option B
  • D. Option D

Answer: D

 

NEW QUESTION 34
Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types?
(Choose three.)

  • A. Drop new incidents of the same type that contain similar information
  • B. Define whether a playbook runs automatically when an incident type is encountered
  • C. Set reminders for an incident SLA
  • D. Add new fields to an incident type
  • E. Define the way that incidents of a specific type are displayed in the system

Answer: A,B,E

 

NEW QUESTION 35
What is the retention requirement for Cortex Data Lake sizing?

  • A. number of VM-Series NGFW
  • B. logs per second
  • C. number of days
  • D. number of endpoints

Answer: C

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex-data-lake/set-log-storage-quota

 

NEW QUESTION 36
Cortex XDR can schedule recurring scans of endpoints for malware. Identify two methods for initiating an on-demand malware scan (Choose two )

  • A. Telnet
  • B. the local console
  • C. Response > Action Center
  • D. Endpoint > Endpoint Management

Answer: A,C

 

NEW QUESTION 37
What are process exceptions used for?

  • A. disable an EPM for a particular process
  • B. whitelist programs from WildFire analysis
  • C. permit processes to load specific DLLs
  • D. change the WildFire verdict for a given executable

Answer: B

 

NEW QUESTION 38
Rearrange the steps into the correct order for modifying an incident layout.

Answer:

Explanation:

1 - Navigate to Settings > Advanced > Incident Types
2 - Select the incident type you want to customize the layout view for
3 - Edit the layout
4 - Select the Edit Layout option
5 - Navigate to Settings > Layout Builder

 

NEW QUESTION 39
If a customer activates a TMS tenant and has not purchased a Cortex Data Lake instance.
Palo Alto Networks will provide the customer with a free instance
What size is this free Cortex Data Lake instance?

  • A. 10 GB
  • B. 1 TB
  • C. 100 GB
  • D. 10 TB

Answer: C

 

NEW QUESTION 40
Which two log types should be configured for firewall forwarding to the Cortex Data Lake for use by Cortex XDR? (Choose two)

  • A. Correlation
  • B. Analytics
  • C. Security Event
  • D. HIP

Answer: C,D

 

NEW QUESTION 41
A test for a Microsoft exploit has been planned. After some research Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript) The description and current configuration of the exploit are as follows;

What is the remaining configuration?
A)

B)

C)

D)

  • A. Option A
  • B. Option C
  • C. Option B
  • D. Option D

Answer: D

 

NEW QUESTION 42
"Bob" is a Demisto user. Which command is used to add 'Bob" to an investigation from the War Room CLI?

  • A. @Bob
  • B. #Bob
  • C. /invite Bob
  • D. !invite Bob

Answer: B

 

NEW QUESTION 43
Cortex XDR can schedule recurring scans of endpoints for malware. Identify two methods for initiating an on-demand malware scan (Choose two )

  • A. Telnet
  • B. Endpoint > Endpoint Management
  • C. the local console
  • D. Response > Action Center

Answer: B,D

 

NEW QUESTION 44
Rearrange the steps into the correct order for modifying an incident layout.

Answer:

Explanation:

 

NEW QUESTION 45
If you have a playbook task that errors out. where could you see the output of the task?

  • A. Playbook Editor
  • B. /var/log/messages
  • C. Demisto Audit log
  • D. War Room of the incident

Answer: D

 

NEW QUESTION 46
How many use cases should a POC success criteria document include?

  • A. 3 or more
  • B. no more than 2
  • C. no more than 5
  • D. only 1

Answer: D

 

NEW QUESTION 47
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second Image? (Choose two.) SUCCESS

  • A. The modified script required a different parameter to run successfully.
  • B. The dictionary was defined incorrectly in the second script.
  • C. The modified scnpt was run in the wrong Docker image
  • D. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data"

Answer: C

 

NEW QUESTION 48
......

Use Valid New PSE-Cortex Test Notes & PSE-Cortex Valid Exam Guide: https://itexambus.passleadervce.com/Palo-Alto-Networks-Certification/reliable-PSE-Cortex-exam-learning-guide.html

Related Articles

more
Palo Alto Networks PSE-Cortex Certification Practice Exam