Pass the Palo Alto Networks PSE-Cortex Professional PSE-Cortex-Pro-24 Questions and Answers with ValidTests

Viewing page 4 out of 6 pages
Viewing questions 31-40 out of questions
Questions # 31:

The prospect is deciding whether to go with a phishing or a ServiceNow use case as part of their POC. We have integrations for both but a playbook for phishing only. Which use case should be used for the POC?

Options:

A. phishing

B. either

C. ServiceNow

D. neither

Questions # 32:

Given the integration configuration and error in the screenshot, what is the cause of the problem?

Options:

A. incorrect instance name

B. incorrect Username and Password

C. incorrect appliance port

D. incorrect server URL

Questions # 33:

An administrator has a critical group of systems running Windows XP SP3 that cannot be upgraded. The administrator wants to evaluate the ability of Traps to protect these systems and the word processing applications running on them.

How should an administrator perform this evaluation?

Options:

A. Gather information about the word processing applications and run them on a Windows XP SP3 VM. Determine if any of the applications are vulnerable and run the exploit with an exploitation tool.

B. Run word processing exploits in a VM running the latest version of Windows, in a controlled and isolated environment. Document indicators of compromise and compare to Traps protection capabilities.

C. Run a known 2015 Flash exploit on a Windows XP SP3 VM, and run an exploitation tool that acts as a listener. Use the results to demonstrate Traps capabilities.

D. Prepare a VM running the latest version of Windows. Gather information about the word processing applications, determine if some of them are vulnerable, and prepare a working exploit for at least one of them. Execute with an exploitation tool.

Questions # 34:

When a Demisto Engine is part of a Load-Balancing group, it:

Options:

A. Must be in a Load-Balancing group with at least another 3 members

B. Must have port 443 open to allow the Demisto Server to establish a connection

C. Can be used separately as an engine, only if connected to the Demisto Server directly

D. Cannot be used separately and does not appear in the engines drop-down menu when configuring an integration instance

Questions # 35:

A Cortex XSOAR customer wants to ingest emails from a single mailbox. The mailbox brings in reported phishing emails and email requests from human resources (HR) to onboard new users. The customer wants to run two separate workflows from this mailbox, one for phishing and one for onboarding.

What will allow Cortex XSOAR to accomplish this in the most efficient way?

Options:

A. Create two instances of the email integration and classify one instance as ingesting incidents of type phishing and the other as ingesting incidents of type onboarding.

B. Use an incident classifier based on a field in each type of email to classify those containing "Phish Alert" in the subject as phishing and those containing "Onboard Request" as onboarding.

C. Create a playbook to process and determine incident type based on content of the email.

D. Use machine learning (ML) to determine incident type.

Questions # 36:

Which four types of Traps logs are stored within Cortex Data Lake?

Options:

A. Threat, Config, System, Data

B. Threat, Config, System, Analytic

C. Threat, Monitor, System, Analytic

D. Threat, Config, Authentication, Analytic

Questions # 37:

An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for exfiltrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger?

Options:

A. Uncommon Local Scheduled Task Creation

B. Malware

C. New Administrative Behavior

D. DNS Tunneling

Questions # 38:

The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second image? (Choose two.)

Options:

A. The modified script was run in the wrong Docker image.

B. The modified script required a different parameter to run successfully.

C. The dictionary was defined incorrectly in the second script.

D. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data".

Questions # 39:

What should be configured for a Cortex XSIAM customer who wants to automate the response to certain alerts?

Options:

A. Playbook triggers

B. Correlation rules

C. Incident scoring

D. Data model rules

Questions # 40:

How do sub-playbooks affect the Incident Context Data?

Options:

A. When set to private, task outputs do not automatically get written to the root context

B. When set to private, task outputs automatically get written to the root context

C. When set to global, allows parallel task execution.

D. When set to global, sub-playbook tasks do not have access to the root context
