Pass the Palo Alto Networks PSE-Cortex Professional PSE-Cortex Questions and Answers with CertsForce

Viewing page 2 out of 5 pages
Viewing questions 11-20 out of questions
Questions # 11:

What is the primary purpose of Cortex XSIAM’s machine learning led design?

Options:

A. To group alerts into incidents for manual analysis
B. To facilitate alert and log management without automation
C. To effectively handle the bulk of incidents through automation
D. To rely heavily on human-driven detection and remediation


Questions # 12:

Which service helps identify attackers by combining world-class threat intelligence with Cortex XSIAM technology?

Options:

A. Virtual Desktop Infrastructure
B. Managed Threat Hunting
C. Threat Intelligence Platform
D. Cloud Identity Engine


Questions # 13:

What is a benefit of user entity behavior analytics (UEBA) over security information and event management (SIEM)?

Options:

A. SIEMs support only agentless scanning, not agent-based workload protection across VMs, containers/Kubernetes.
B. UEBA can add trusted signers of Windows or Mac processes to a whitelist in the Endpoint Security Manager (ESM) Console.
C. SIEMs have difficulty detecting unknown or advanced security threats that do not involve malware, such as credential theft.
D. UEBA establishes a secure connection in which endpoints can be routed, and it collects and forwards logs and files for analysis.


Questions # 14:

A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript).

The description and current configuration of the exploit are as follows:

[Image: Question # 14]

What is the remaining configuration?

A) [Image: Question # 14]
B) [Image: Question # 14]
C) [Image: Question # 14]
D) [Image: Question # 14]

Options:

A. Option A
B. Option B
C. Option C
D. Option D


Questions # 15:

The Cortex XDR management service requires which other Palo Alto Networks product?

Options:

A. Directory Sync
B. Cortex Data Lake
C. Panorama
D. Cortex XSOAR


Questions # 16:

Which task allows the playbook to follow different paths based on specific conditions?

Options:

A. Conditional
B. Automation
C. Manual
D. Parallel


Questions # 17:

What does Cortex Xpanse ingest from XDR endpoints?

Options:

A. MAC addresses
B. User-agent data
C. Public IP addresses
D. Hostnames


Questions # 18:

Which two items are stitched to the Cortex XDR causality chain? (Choose two)

Options:

A. firewall alert
B. SIEM alert
C. full URL
D. registry set value


Questions # 19:

If you have a playbook task that errors out, where could you see the output of the task?

Options:

A. /var/log/messages
B. War Room of the incident
C. Demisto Audit log
D. Playbook Editor


Questions # 20:

What is the primary function of an engine in Cortex XSOAR?

Options:

A. To execute playbooks, scripts, commands, and integrations
B. To manage multiple Cortex XSOAR tenants
C. To provide a user interface for security analysts
D. To store and manage incident data, remediation plans, and documentation

