
Palo Alto Networks PSE-Cortex - Palo Alto Networks System Engineer - Cortex Professional

Total 168 questions

Which Cortex XSIAM feature can be used to onboard data sources?

A. Marketplace Integration

B. Playbook

C. Data Ingestion Dashboard

D. Asset Inventory

Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR? (Choose two.)

A. registry

B. file path

C. hash

D. hostname

Which command is used to add Cortex XSOAR "User1" to an investigation from the War Room command-line interface (CLI)?

A. /invite User1

B. #User1

C. @User1

D. !invite User1

An administrator is alerted to a Suspicious Process Creation security event from multiple users.

The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)

A. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module

B. Within the Malware Security profile, add the specific parent process, child process, and command line argument to the child process whitelist

C. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments

D. Contact support and ask for a security exception.

What is the recommended first step in planning a Cortex XDR deployment?

A. Implement Cortex XDR across all endpoints without assessing architecture or assets

B. Deploy agents across the entire environment for immediate protection.

C. Deploy Cortex XDR on endpoints with the highest potential for attack.

D. Conduct an assessment and identify critical assets and endpoints within the environment.

Which two items are stitched to the Cortex XDR causality chain? (Choose two.)

A. firewall alert

B. SIEM alert

C. full URL

D. registry set value

The prospect is deciding whether to go with a phishing or a ServiceNow use case as part of their POC. We have integrations for both but a playbook for phishing only. Which use case should be used for the POC?

A. phishing

B. either

C. ServiceNow

D. neither

How does Cortex XSOAR automation save time when a phishing incident occurs?

A. By developing an integration.

B. By responding to management with risk scores

C. By purging unopened phishing email from user mailboxes

D. By emailing staff to inform them of phishing attack in advance

A General Purpose Dynamic Section can be added to which two layouts for incident types? (Choose two)

A. "Close" Incident Form

B. Incident Summary

C. Incident Quick View

D. "New"/"Edit" Incident Form

Which consideration should be taken into account before deploying Cortex XSOAR?

A. Which cybersecurity framework to implement for Secure Operations Center (SOC) operations

B. Whether communication with internal or external applications is required

C. How to configure network firewalls for optimal performance

D. Which endpoint protection software to integrate with Cortex XSOAR