Paloalto Networks PSE-Cortex - Palo Alto Networks System Engineer - Cortex Professional

Total 168 questions

Which Cortex XDR capability extends investigations to an endpoint?

A. Log Stitching
B. Causality Chain
C. Sensors
D. Live Terminal

In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)

A. alert root cause
B. hostname
C. domain/workgroup membership
D. OS
E. presence of Flash executable

Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types? (Choose three.)

A. Define whether a playbook runs automatically when an incident type is encountered
B. Set reminders for an incident SLA
C. Add new fields to an incident type
D. Define the way that incidents of a specific type are displayed in the system
E. Drop new incidents of the same type that contain similar information

Which two formats are supported by Whitelist? (Choose two.)

A. Regex
B. STIX
C. CSV
D. CIDR

Which feature in Cortex XSIAM extends analytics detections to all mapped network and authentication data?

A. Threat feed integration
B. Automation playbooks
C. Parsing rules
D. Data models

Which playbook feature allows concurrent execution of tasks?

A. parallel tasks
B. automation tasks
C. manual tasks
D. conditional tasks

When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?

A. splunk-get-alerts integration command
B. Cortex XSOAR TA App for Splunk
C. SplunkSearch automation
D. SplunkGO integration

Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

A. Agent Configuration
B. Device Control
C. Device Customization
D. Agent Management

In addition to incident volume, which four critical factors must be evaluated to determine effectiveness and ROI on cybersecurity planning and technology?

A. Analyst, training costs, duplicated, false positives
B. People, staffing costs, duplicates, false positives
C. People, security controls, mean time to detect, false positives
D. Standard operating procedures, staffing costs, duplicates, mean time to respond

An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for exfiltrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger?

A. Uncommon Local Scheduled Task Creation
B. Malware
C. New Administrative Behavior
D. DNS Tunneling