Pass the Palo Alto Networks PSE-Cortex Professional PSE-Cortex Questions and Answers with ValidTests

Viewing page 5 out of 6 pages
Viewing questions 41-50 out of questions
Questions # 41:

What is the difference between an exception and an exclusion?

Options:

A. An exception is based on rules and exclusions are on alerts

B. An exclusion is based on rules and exceptions are based on alerts.

C. An exception does not exist

D. An exclusion does not exist

Questions # 42:

What does DBot use to score an indicator that has multiple reputation scores?

Options:

A. most severe score

B. undefined score

C. average score

D. least severe score

Questions # 43:

How does DBot score an indicator that has multiple reputation scores?

Options:

A. uses the most severe score

B. the reputation as undefined

C. uses the average score

D. uses the least severe score

Questions # 44:

Which command is used to add Cortex XSOAR "User1" to an investigation from the War Room command-line interface (CLI)?

Options:

A. /invite User1

B. #User1

C. @User1

D. !invite User1

Questions # 45:

Cortex XSOAR has extracted a malicious IP address involved in command-and-control traffic.

What is the best method to automatically block this IP from communicating with endpoints without requiring a configuration change on the firewall?

Options:

A. Create a NetOps ticket requesting a configuration change to the firewall to block the IP.

B. Add the IP address to an external dynamic list used by the firewall.

C. Add the IP address to a threat intelligence management malicious IP list to elevate priority of future alerts.

D. Block the IP address by creating a deny rule in the firewall.

Questions # 46:

Where is the output of the task visible when a playbook task errors out?

Options:

A. playbook editor

B. XSOAR audit log

C. /var/log/messages

D. War Room of the incident

Questions # 47:

Which Cortex XDR capability extends investigations to an endpoint?

Options:

A. Log Stitching

B. Causality Chain

C. Sensors

D. Live Terminal

Questions # 48:

Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types? (Choose three.)

Options:

A. Define whether a playbook runs automatically when an incident type is encountered

B. Set reminders for an incident SLA

C. Add new fields to an incident type

D. Define the way that incidents of a specific type are displayed in the system

E. Drop new incidents of the same type that contain similar information

Questions # 49:

Rearrange the steps into the correct order for modifying an incident layout.


Options:

Questions # 50:

Which two entities can be created as a BIOC? (Choose two.)

Options:

A. file

B. registry

C. event log

D. alert log
