Free 2024 Palo Alto Networks Certification PSE-Cortex dumps are available on Google Drive shared by Actualtests4sure
Download the newest Actualtests4sure PSE-Cortex PDF dumps: https://www.actualtests4sure.com/PSE-Cortex-test-questions.html (60 Q&As)
NEW QUESTION # 16
Which option describes a Load-Balancing Engine Group?
- A. A group of engines that use an algorithm to efficiently share the workload for integrations
- B. A group of engines that use an algorithm to efficiently share the workload for automation scripts
- C. A group of engines that ensure High Availability of Demisto backend databases.
- D. A group of D2 agents that share processing power across multiple endpoints
Answer: B
NEW QUESTION # 17
Which option is required to prepare the VDI Golden Image?
- A. Configure the Golden Image as a persistent VDI
- B. Run the Cortex VDI conversion tool
- C. Use the Cortex XDR VDI tool to obtain verdicts for all PE files
- D. Install the Cortex XDR Agent on the local machine
Answer: B
NEW QUESTION # 18
Which CLI query would bring back Notable Events from Splunk?
A)
B)
C)
D)
- A. Option B
- B. Option C
- C. Option A
- D. Option D
Answer: D
NEW QUESTION # 19
An administrator is alerted to a Suspicious Process Creation security event from multiple users. The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)
- A. Contact support and ask for a security exception.
- B. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments
- C. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module
- D. Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist
Answer: B,D
NEW QUESTION # 20
When analyzing logs for indicators, which are used only for BIOC identification?
- A. error messages
- B. techniques
- C. observed activity
- D. artifacts
Answer: B
NEW QUESTION # 21
What method does the Traps agent use to identify malware during a scheduled scan?
- A. Heuristic analysis
- B. Local analysis
- C. Signature comparison
- D. WildFire hash comparison and dynamic analysis
Answer: D
NEW QUESTION # 22
A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript). The description and current configuration of the exploit are as follows:
What is the remaining configuration?
A)
B)
C)
D)
- A. Option B
- B. Option C
- C. Option A
- D. Option D
Answer: D
NEW QUESTION # 23
What are two manual actions allowed on War Room entries? (Choose two.)
- A. Mark as note
- B. Mark as evidence
- C. Mark as scheduled entry
- D. Mark as artifact
Answer: D
NEW QUESTION # 24
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second image? (Choose two.)
- A. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data"
- B. The modified script was run in the wrong Docker image
- C. The modified script required a different parameter to run successfully.
- D. The dictionary was defined incorrectly in the second script.
Answer: B
NEW QUESTION # 25
The customer has indicated they need EDR data collection capabilities. Which Cortex XDR license is required?
- A. Cortex XDR Pro Per Endpoint
- B. Cortex XDR Endpoint
- C. Cortex XDR Prevent
- D. Cortex XDR Pro per TB
Answer: B
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-licen
NEW QUESTION # 26
A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?
- A. Agree to build the integration as part of the POC
- B. Tell them custom integrations are not created as part of the POC
- C. Extend the POC window to allow the solution architects to build it
- D. Tell them we can build it with Professional Services.
Answer: B
NEW QUESTION # 27
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
- A. OS
- B. Domain/workgroup membership
- C. quarantine status
- D. attack threat intelligence tag
- E. hostname
Answer: A,C,E
NEW QUESTION # 28
Which Cortex XDR capability extends investigations to an endpoint?
- A. Sensors
- B. Causality Chain
- C. Log Stitching
- D. Live Terminal
Answer: C
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-concepts
NEW QUESTION # 29
Which two entities can be created as a BIOC? (Choose two.)
- A. event log
- B. file
- C. registry
- D. alert log
Answer: B,C
Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/cortex-xdr-indicators/working-with-biocs/create-a-bioc-rule.html
NEW QUESTION # 30
Which two formats are supported by Whitelist? (Choose two.)
- A. STIX
- B. Regex
- C. CIDR
- D. CSV
Answer: B,C
NEW QUESTION # 31
......

