PSE-Cortex Certification – Valid Exam Dumps Questions Study Guide! (Updated 60 Questions)
PSE-Cortex Dumps are Available for Instant Access using Actualtests4sure
NEW QUESTION 32
Which deployment type supports installation of an engine on Windows, Mac OS. and Linux?
- A. RPM
- B. DEB
- C. ZIP
- D. SH
Answer: C
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-config
NEW QUESTION 33
Which two entities can be created as a BIOC? (Choose two.)
- A. alert log
- B. file
- C. registry
- D. event log
Answer: B,C
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/cortex-xd
NEW QUESTION 34
The customer has indicated they need EDR data collection capabilities, which Cortex XDR license is required?
- A. Cortex XDR Pro Per Endpoint
- B. Cortex XDR Pro per TB
- C. Cortex XDR Prevent
- D. Cortex XDR Endpoint
Answer: D
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-licen
NEW QUESTION 35
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?
- A. Device Customization
- B. Agent Configuration
- C. Device Control
- D. Agent Management
Answer: C
Explanation:
Explanation
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231
NEW QUESTION 36
Which option is required to prepare the VDI Golden Image?
- A. Configure the Golden Image as a persistent VDI
- B. Use the Cortex XDR VDI tool to obtain verdicts for all PE files
- C. Install the Cortex XOR Agent on the local machine
- D. Run the Cortex VDI conversion tool
Answer: D
NEW QUESTION 37
"Bob" is a Demisto user. Which command is used to add 'Bob" to an investigation from the War Room CLI?
- A. !invite Bob
- B. #Bob
- C. @Bob
- D. /invite Bob
Answer: B
NEW QUESTION 38
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
- A. OS
- B. attack threat intelligence tag
- C. hostname
- D. quarantine status
- E. Domain/workgroup membership
Answer: A,C,E
NEW QUESTION 39
When analyzing logs for indicators, which are used for only BIOC identification'?
- A. techniques
- B. artifacts
- C. observed activity
- D. error messages
Answer: C
NEW QUESTION 40
What are two manual actions allowed on War Room entries? (Choose two.)
- A. Mark as scheduled entry
- B. Mark as note
- C. Mark as artifact
- D. Mark as evidence
Answer: C
NEW QUESTION 41
Which task allows the playbook to follow different paths based on specific conditions?
- A. Automation
- B. Parallel
- C. Manual
- D. Conditional
Answer: D
NEW QUESTION 42
How many use cases should a POC success criteria document include?
- A. no more than 2
- B. only 1
- C. no more than 5
- D. 3 or more
Answer: A
NEW QUESTION 43
What are two manual actions allowed on War Room entries? (Choose two.)
- A. Mark as note
- B. Mark as evidence
- C. Mark as scheduled entry
- D. Mark as artifact
Answer: A,B
NEW QUESTION 44
What is the retention requirement for Cortex Data Lake sizing?
- A. number of endpoints
- B. number of VM-Series NGFW
- C. number of days
- D. logs per second
Answer: C
Explanation:
Explanation
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-corte
NEW QUESTION 45
Which two log types should be configured for firewall forwarding to the Cortex Data Lake for use by Cortex XDR? (Choose two)
- A. Correlation
- B. Security Event
- C. Analytics
- D. HIP
Answer: B,D
NEW QUESTION 46
What is the result of creating an exception from an exploit security event?
- A. exempts administrators from generating alerts for 24 hours
- B. exempts the user from generating events for 24 hours
- C. disables the triggered EPM for the host and process involve
- D. White lists the process from Wild Fire analysis
Answer: C
NEW QUESTION 47
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?
- A. Device Customization
- B. Agent Configuration
- C. Device Control
- D. Agent Management
Answer: C
Explanation:
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231
NEW QUESTION 48
Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?
Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)
- A. Sub-Play books
- B. Playbook Functions
- C. Generic Polling Automation Playbook
- D. Playbook Tasks
Answer: A,C
NEW QUESTION 49
......
Palo Alto Networks PSE-Cortex Exam Practice Test Questions: https://www.actualtests4sure.com/PSE-Cortex-test-questions.html
PSE-Cortex Dumps 2021 - New Palo Alto Networks PSE-Cortex Exam Questions: https://drive.google.com/open?id=1Q8bu9aTNl57dY0jDRkoWiuXriGMVHLR0

