
Palo Alto Networks PSE-Cortex - Palo Alto Networks System Engineer - Cortex Professional

Total 168 questions

The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

A.

add paloaltonetworks.com to the SSL Decryption Exclusion list

B.

enable SSL decryption

C.

disable SSL decryption

D.

reinstall the root CA certificate

What method does the Traps agent use to identify malware during a scheduled scan?

A.

Heuristic analysis

B.

Local analysis

C.

Signature comparison

D.

WildFire hash comparison and dynamic analysis

Which feature of Cortex XSIAM displays an entire picture of an attack, including the originating process or delivery point?

A.

Sample analysis

B.

Correlation rule

C.

Causality View

D.

Automation playbook

Which option describes a Load-Balancing Engine Group?

A.

A group of engines that use an algorithm to efficiently share the workload for integrations

B.

A group of engines that ensure High Availability of Demisto backend databases.

C.

A group of engines that use an algorithm to efficiently share the workload for automation scripts

D.

A group of D2 agents that share processing power across multiple endpoints

How does an "inline" auto-extract task affect playbook execution?

A.

Doesn't wait until the indicators are enriched and continues executing the next step

B.

Doesn't wait until the indicators are enriched but populates context data before executing the next step.

C.

Waits until the indicators are enriched but doesn't populate context data before executing the next step.

D.

Waits until the indicators are enriched and populates context data before executing the next step.

Which element displays an entire picture of an attack, including the root cause or delivery point?

A.

Cortex XSOAR Work Plan

B.

Cortex SOC Orchestrator

C.

Cortex Data Lake

D.

Cortex XDR Causality View

Which attack method is a result of techniques designed to gain access through vulnerabilities in the code of an operating system (OS) or application?

A.

exploit

B.

malware

C.

phishing

D.

ransomware

What is a requirement when integrating Cortex XSIAM or Cortex XDR with other Palo Alto Networks products?

A.

Advanced logging service license

B.

HTTP Collector

C.

Devices in the same region as XDR/XSIAM

D.

XDR/XSIAM Broker VM

What are two reasons incident investigation is needed in Cortex XDR? (Choose two.)

A.

No solution will stop every attack requiring further investigation of activity.

B.

Insider Threats may not be blocked and initial activity may go undetected.

C.

Analysts need to acquire forensic artifacts of malware that has been blocked by the XDR agent.

D.

Detailed reports are needed for senior management to justify the cost of XDR.

The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

A.

add paloaltonetworks.com to the SSL Decryption Exclusion list

B.

enable SSL decryption

C.

disable SSL decryption

D.

reinstall the root CA certificate