Pass the Palo Alto Networks PSE-Cortex Professional PSE-Cortex Questions and answers with CertsForce

Viewing page 5 out of 5 pages
Viewing questions 41-50 out of questions
Questions # 41:

A customer wants the main Cortex XSOAR server installed in one site and wants to integrate with three other technologies in a second site.

What communications are required between the two sites if the customer wants to install a Cortex XSOAR engine in the second site?

Options:

A. The Cortex XSOAR server at the first site must be able to initiate a connection to the Cortex XSOAR engine at the second site.

B. All connectivity is initiated from the Cortex XSOAR server on the first site via a managed cloud proxy.

C. Dedicated site-to-site virtual private network (VPN) is required for the Cortex XSOAR server at the first site to initiate a connection to the Cortex XSOAR engine at the second site.

D. The Cortex XSOAR engine at the first site must be able to initiate a connection to the Cortex XSOAR server at the second site.


Questions # 42:

Which statement applies to the differentiation of Cortex XDR from security information and event management (SIEM)?

Options:

A. SIEM has access to raw logs from agents, where Cortex XDR traditionally only gets alerts.

B. Cortex XDR allows just logging into the console, and out of the box the events are blocked as a proactive approach.

C. Cortex XDR requires a large and diverse team of analysts and up to several weeks for simple actions like creating an alert.

D. SIEM has been entirely designed and built as cloud-native, with the ability to stitch together cloud logs, on-premises logs, third-party logs, and endpoint logs.


Questions # 43:

Which two formats are supported by Whitelist? (Choose two)

Options:

A. Regex

B. STIX

C. CSV

D. CIDR


Questions # 44:

For which two purposes can Cortex XSOAR engines be deployed? (Choose two.)

Options:

A. To execute recurring playbooks based on specific time schedules or changes to a feed

B. To add processing resources for a heavily-used integration via load-balancing groups.

C. To integrate with tools in a network location that the Cortex XSOAR server cannot reach directly

D. To connect Cortex XSOAR to all required Palo Alto Networks resources such as the Cortex Gateway


Questions # 45:

A Cortex Xpanse customer receives an email regarding an upcoming product update and wants to get more information on the new features.

In which resource can the customer access this information?

Options:

A. Administrator Guide

B. Release Notes

C. Compatibility Matrix

D. LIVEcommunity


Questions # 46:

Given the integration configuration and error in the screenshot, what is the cause of the problem?

Options:

A. incorrect instance name

B. incorrect Username and Password

C. incorrect appliance port

D. incorrect server URL


Questions # 47:

When preparing for a Cortex XSOAR proof of value (POV), which task should be performed before the evaluation is requested?

Options:

A. Ensuring that the customer has single sign-on (SSO) configured in their environment

B. Building out an executive-level proposal detailing the product capabilities

C. Planning for every different use case the customer has for the solution

D. Gathering a list of the different integrations that will need to be configured


Questions # 48:

What is the recommended first step in planning a Cortex XDR deployment?

Options:

A. Implement Cortex XDR across all endpoints without assessing architecture or assets

B. Deploy agents across the entire environment for immediate protection.

C. Deploy Cortex XDR on endpoints with the highest potential for attack.

D. Conduct an assessment and identify critical assets and endpoints within the environment.


Questions # 49:

How can you view all the relevant incidents for an indicator?

Options:

A. Linked Incidents column in Indicator Screen

B. Linked Indicators column in Incident Screen

C. Related Indicators column in Incident Screen

D. Related Incidents column in Indicator Screen


Questions # 50:

Which two log types should be configured for firewall forwarding to the Cortex Data Lake for use by Cortex XDR? (Choose two)

Options:

A. Security Event

B. HIP

C. Correlation

D. Analytics

