Pass the Palo Alto Networks PSE-Cortex Professional PSE-Cortex Questions and answers with CertsForce

Viewing page 3 out of 5 pages
Viewing questions 21-30 out of questions
Questions # 21:

Which step is required to prepare the VDI Golden Image?

Options:

A. Review any PE files that WildFire determined to be malicious

B. Ensure the latest content updates are installed

C. Run the VDI conversion tool

D. Set the memory dumps to manual setting


Questions # 22:

Which CLI query would bring back Notable Events from Splunk?

[Images: candidate queries A) through D) for Question # 22]

Options:

A. Option A

B. Option B

C. Option C

D. Option D


Questions # 23:

Which option is required to prepare the VDI Golden Image?

Options:

A. Configure the Golden Image as a persistent VDI

B. Use the Cortex XDR VDI tool to obtain verdicts for all PE files

C. Install the Cortex XDR Agent on the local machine

D. Run the Cortex VDI conversion tool


Questions # 24:

A customer has purchased Cortex XDR and requires phone support for the product.

Which Palo Alto Networks offering would fulfill this need?

Options:

A. Platinum Success

B. Premium Success

C. Diamond Success

D. Standard Success


Questions # 25:

What are two reasons incident investigation is needed in Cortex XDR? (Choose two.)

Options:

A. No solution will stop every attack requiring further investigation of activity.

B. Insider Threats may not be blocked and initial activity may go undetected.

C. Analysts need to acquire forensic artifacts of malware that has been blocked by the XDR agent.

D. Detailed reports are needed for senior management to justify the cost of XDR.


Questions # 26:

Rearrange the steps into the correct order for modifying an incident layout.

[Image: Question # 26]


Questions # 27:

Which Cortex XDR capability prevents running malicious files from USB-connected removable equipment?

Options:

A. Device customization

B. Agent configuration

C. Agent management

D. Restrictions profile


Questions # 28:

Which two actions are required to add indicators to the whitelist? (Choose two.)

Options:

A. Click "New Whitelisted Indicator" in the Whitelist page.

B. Upload an external file named "whitelist" to the Whitelist page.

C. Upload an external file named "whitelist" to the Indicators page.

D. Select the indicators and click "Delete and Whitelist" in the Indicators page.


Questions # 29:

When preparing the golden image in a Cortex XDR Virtual Desktop Infrastructure (VDI) deployment, which step is required?

Options:

A. Disable automatic memory dumps.

B. Scan the image using the imagepreptool.

C. Launch the VDI conversion tool.

D. Enable the VDI license timeout.


Questions # 30:

Which four types of Traps logs are stored within Cortex Data Lake?

Options:

A. Threat, Config, System, Data

B. Threat, Config, System, Analytic

C. Threat, Monitor, System, Analytic

D. Threat, Config, Authentication, Analytic

