PSE-Cortex Exam Questions

Total 60 Questions

Last Updated Exam : 16-Dec-2024

During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.

During the service instance provisioning which three DNS host names are created? (Choose three.)


A.

cc-xnet50.traps.paloaltonetworks.com


B.

hc-xnet50.traps.paloaltonetworks.com


C.

cc-xnet.traps.paloaltonetworks.com


D.

cc.xnet50traps.paloaltonetworks.com


E.

xnettraps.paloaltonetworks.com


F.

ch-xnet.traps.paloaltonetworks.com





A.
  

cc-xnet50.traps.paloaltonetworks.com



C.
  

cc-xnet.traps.paloaltonetworks.com



F.
  

ch-xnet.traps.paloaltonetworks.com



What is the retention requirement for Cortex Data Lake sizing?


A.

number of endpoints


B.

number of VM-Series NGFW


C.

number of days


D.

logs per second





C.
  

number of days



https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex

How does an "inline" auto-extract task affect playbook execution?


A.

Doesn't wait until the indicators are enriched and continues executing the next step


B.

Doesn't wait until the indicators are enriched but populate context data before executing the next


C.

step. Wait until the indicators are enriched but doesn't populate context data before executing the next
step.


D.

Wait until the indicators are enriched and populate context data before executing the next step.





D.
  

Wait until the indicators are enriched and populate context data before executing the next step.



An Administrator is alerted to a Suspicious Process Creation security event from multiple users. The users believe that these events are false positives Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two )


A.

With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module


B.

Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist


C.

In the Cortex XDR security event, review the specific parent process, child process, and command line arguments


D.

Contact support and ask for a security exception





B.
  

Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist



C.
  

In the Cortex XDR security event, review the specific parent process, child process, and command line arguments



When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?


A.

splunk-get-alerts integration command


B.

Cortex XSOAR TA App for Splunk


C.

SplunkSearch automation


D.

SplunkGO integration





B.
  

Cortex XSOAR TA App for Splunk



Rearrange the steps into the correct order for modifying an incident layout. 






If an anomalous process is discovered while investigating the cause of a security event, you can take
immediate action to terminate the process or the whole process tree, and block processes from running by initiating which Cortex XDR capability?


A.

Live Sensors


B.

File Explorer


C.

Log Stitching


D.

Live Terminal





D.
  

Live Terminal



Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable
equipment?


A.

Agent Configuration


B.

Device Control


C.

Device Customization


D.

Agent Management





B.
  

Device Control



https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231

Which deployment type supports installation of an engine on Windows, Mac OS. and Linux?


A.

RPM


B.

SH


C.

DEB


D.

ZIP





D.
  

ZIP



https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-confi

Whichfour types of Traps logs are stored within Cortex Data Lake?


A.

Threat, Config, System,Data


B.

Threat, Config, System, Analytic


C.

Threat, Monitor. System, Analytic


D.

Threat, Config, Authentication, Analytic





A.
  

Threat, Config, System,Data