Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Paloalto Networks
  3. PSE-Cortex Professional
  4. PSE-Cortex
  5. Palo Alto Networks System Engineer - Cortex Professional Questions and Answers

Pass the Paloalto Networks PSE-Cortex Professional PSE-Cortex Questions and answers with ValidTests

Exam PSE-Cortex All Questions
Exam PSE-Cortex Premium Access

View all detail and faqs for the PSE-Cortex exam

Go to Exam
Viewing page 6 out of 6 pages
Viewing questions 51-60 out of questions
Questions # 51:

What is the recommended first step in planning a Cortex XDR deployment?

Options:

A.

Implement Cortex XDR across all endpoints without assessing architecture or assets

B.

Deploy agents across the entire environment for immediate protection.

C.

Deploy Cortex XDR on endpoints with the highest potential for attack.

D.

Conduct an assessment and identify critical assets and endpoint within the environment.

Expert Solution
Questions # 52:

A Cortex XSIAM customer is unable to access their Cortex XSIAM tenant.

Which resource can the customer use to validate the uptime of Cortex XSIAM?

Options:

A.

Administrator Guide

B.

LIVEcommunity

C.

Release Notes

D.

Palo Alto Networks Status Page

Expert Solution
Questions # 53:

Which two methods does the Cortex XDR agent use to identify malware during a scheduled scan? (Choose two.)

Options:

A.

WildFire hash comparison

B.

heuristic analysis

C.

signature comparison

D.

dynamic analysis

Expert Solution
Questions # 54:

The customer has indicated they need EDR data collection capabilities, which Cortex XDR license is required?

Options:

A.

Cortex XDR Pro per TB

B.

Cortex XDR Prevent

C.

Cortex XDR Endpoint

D.

Cortex XDR Pro Per Endpoint

Expert Solution
Questions # 55:

What is a benefit of user entity behavior analytics (UEBA) over security information and event management (SIEM)?

Options:

A.

SIEMs supports only agentless scanning, not agent-based workload protection across VMs, containers/Kubernetes.

B.

UEBA can add trusted signers of Windows or Mac processes to a whitelist in the Endpoint Security Manager (ESM) Console.

C.

SIEMs have difficulty detecting unknown or advanced security threats that do not involve malware, such as credential theft.

D.

UEBA establishes a secure connection in which endpoints can be routed, and it collects and forwards logs and files for analysis.

Expert Solution
Questions # 56:

How can you view all the relevant incidents for an indicator?

Options:

A.

Linked Incidents column in Indicator Screen

B.

Linked Indicators column in Incident Screen

C.

Related Indicators column in Incident Screen

D.

Related Incidents column in Indicator Screen

Expert Solution
Questions # 57:

An administrator of a Cortex XDR protected production environment would like to test its ability to protect users from a known flash player exploit.

What is the safest way to do it?

Options:

A.

The administrator should attach a copy of the weapomzed flash file to an email, send the email to a selected group of employees, and monitor the Events tab on the Cortex XDR console

B.

The administrator should use the Cortex XDR tray icon to confirm his corporate laptop is fully protected then open the weaponized flash file on his machine, and monitor the Events tab on the Cortex XDR console.

C.

The administrator should create a non-production Cortex XDR test environment that accurately represents the production environment, introduce the weaponized flash file, and monitor the Events tab on the Cortex XDR console.

D.

The administrator should place a copy of the weaponized flash file on several USB drives, scatter them around the office and monitor the Events tab on the Cortex XDR console

Expert Solution
Questions # 58:

An administrator has a critical group of systems running Windows XP SP3 that cannot be upgraded The administrator wants to evaluate the ability of Traps to protect these systems and the word processing applications running on them

How should an administrator perform this evaluation?

Options:

A.

Gather information about the word processing applications and run them on a Windows XP SP3 VM Determine if any of the applications are vulnerable and run the exploit with an exploitation tool

B.

Run word processing exploits in a latest version of Windows VM in a controlled and isolated environment. Document indicators of compromise and compare to Traps protection capabilities

C.

Run a known 2015 flash exploit on a Windows XP SP3 VM. and run an exploitation tool that acts as a listener Use the results to demonstrate Traps capabilities

D.

Prepare the latest version of Windows VM Gather information about the word processing applications, determine if some of them are vulnerable and prepare a working exploit for at least one of them Execute with an exploitation tool

Expert Solution
Questions # 59:

When preparing the golden image in a Cortex XDR Virtual Desktop Infrastructure (VDI) deployment, which step is required?

Options:

A.

Disable automatic memory dumps.

B.

Scan the image using the imagepreptool.

C.

Launch the VDI conversion tool.

D.

Enable the VDI license timeout.

Expert Solution
Questions # 60:

A Cortex Xpanse customer receives an email regarding an upcoming product update and wants to get more information on the new features.

In which resource can the customer access this information?

Options:

A.

Administrator Guide

B.

Release Notes

C.

Compatibility Matrix

D.

LIVEcommunitv

Expert Solution
Viewing page 6 out of 6 pages
Viewing questions 51-60 out of questions