
Free Palo Alto Networks PSE-Cortex Study Guides Exam Questions & Answer [Q23-Q44]


PSE-Cortex Exam Dumps, PSE-Cortex Practice Test Questions

NEW QUESTION 23
An administrator is alerted to a Suspicious Process Creation security event from multiple users.
The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)

  • A. Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist
  • B. Contact support and ask for a security exception.
  • C. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments
  • D. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module

Answer: A,C

 

NEW QUESTION 24
If you have a playbook task that errors out, where could you see the output of the task?

  • A. War Room of the incident
  • B. Demisto Audit log
  • C. /var/log/messages
  • D. Playbook Editor

Answer: A

 

NEW QUESTION 25
When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?

  • A. splunk-get-alerts integration command
  • B. Cortex XSOAR TA App for Splunk
  • C. SplunkGO integration
  • D. SplunkSearch automation

Answer: A

 

NEW QUESTION 26
Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

Which two playbook functionalities allow looping through a group of tasks during playbook execution?
(Choose two.)

  • A. Sub-Playbooks
  • B. Generic Polling Automation Playbook
  • C. Playbook Tasks
  • D. Playbook Functions

Answer: A,D

 

NEW QUESTION 27
Which two types of IOCs are available for creation in Cortex XDR? (Choose two.)

  • A. endpoint hostname
  • B. domain
  • C. registry entry
  • D. IP

Answer: B,D

 

NEW QUESTION 28
Which Cortex XDR capability extends investigations to an endpoint?

  • A. Live Terminal
  • B. Causality Chain
  • C. Sensors
  • D. Log Stitching

Answer: D

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-concepts

 

NEW QUESTION 29
When analyzing logs for indicators, which are used only for BIOC identification?

  • A. error messages
  • B. observed activity
  • C. techniques
  • D. artifacts

Answer: C

 

NEW QUESTION 30
What is the result of creating an exception from an exploit security event?

  • A. exempts administrators from generating alerts for 24 hours
  • B. Whitelists the process from WildFire analysis
  • C. disables the triggered EPM for the host and process involved
  • D. exempts the user from generating events for 24 hours

Answer: C

 

NEW QUESTION 31
During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.

During the service instance provisioning, which three DNS host names are created? (Choose three.)

  • A. cc-xnet.traps.paloaltonetworks.com
  • B. cc-xnet50.traps.paloaltonetworks.com
  • C. cc.xnet50traps.paloaltonetworks.com
  • D. ch-xnet.traps.paloaltonetworks.com
  • E. xnettraps.paloaltonetworks.com
  • F. hc-xnet50.traps.paloaltonetworks.com

Answer: A,B,D

 

NEW QUESTION 32
The certificate used for decryption was installed as a trusted root CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

  • A. add paloaltonetworks.com to the SSL Decryption Exclusion list
  • B. reinstall the root CA certificate
  • C. enable SSL decryption
  • D. disable SSL decryption

Answer: B

 

NEW QUESTION 33
When a Demisto Engine is part of a Load-Balancing group, it:

  • A. It must have port 443 open to allow the Demisto Server to establish a connection
  • B. Can be used separately as an engine, only if connected to the Demisto Server directly
  • C. Cannot be used separately and does not appear in the engines drop-down menu when configuring an integration instance
  • D. Must be in a Load-Balancing group with at least another 3 members

Answer: C

 

NEW QUESTION 34
If a customer activates a TMS tenant and has not purchased a Cortex Data Lake instance, Palo Alto Networks will provide the customer with a free instance.
What size is this free Cortex Data Lake instance?

  • A. 100 GB
  • B. 10 GB
  • C. 10 TB
  • D. 1 TB

Answer: D

 

NEW QUESTION 35
How does an "inline" auto-extract task affect playbook execution?

  • A. Doesn't wait until the indicators are enriched but populate context data before executing the next step.
  • B. Wait until the indicators are enriched but doesn't populate context data before executing the next step.
  • C. Wait until the indicators are enriched and populate context data before executing the next step.
  • D. Doesn't wait until the indicators are enriched and continues executing the next step

Answer: C

 

NEW QUESTION 36
Which four types of Traps logs are stored within Cortex Data Lake?

  • A. Threat, Config, System, Data
  • B. Threat, Config, System, Analytic
  • C. Threat, Monitor, System, Analytic
  • D. Threat, Config, Authentication, Analytic

Answer: A

 

NEW QUESTION 37
Which four types of Traps logs are stored within Cortex Data Lake?

  • A. Threat, Config, System, Data
  • B. Threat, Config, System, Analytic
  • C. Threat, Monitor, System, Analytic
  • D. Threat, Config, Authentication, Analytic

Answer: B

 

NEW QUESTION 38
How can you view all the relevant incidents for an indicator?

  • A. Linked Incidents column in Indicator Screen
  • B. Related Incidents column in Indicator Screen
  • C. Related Indicators column in Incident Screen
  • D. Linked Indicators column in Incident Screen

Answer: D

 

NEW QUESTION 39
"Bob" is a Demisto user. Which command is used to add "Bob" to an investigation from the War Room CLI?

  • A. /invite Bob
  • B. !invite Bob
  • C. @Bob
  • D. #Bob

Answer: D

 

NEW QUESTION 40
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

  • A. Agent Configuration
  • B. Device Customization
  • C. Device Control
  • D. Agent Management

Answer: C

Explanation:
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231

 

NEW QUESTION 41
How do sub-playbooks affect the Incident Context Data?

  • A. When set to global, sub-playbook tasks do not have access to the root context
  • B. When set to global, allows parallel task execution.
  • C. When set to private, task outputs automatically get written to the root context
  • D. When set to private, task outputs do not automatically get written to the root context

Answer: D

 

NEW QUESTION 42
Which option describes a Load-Balancing Engine Group?

  • A. A group of engines that use an algorithm to efficiently share the workload for integrations
  • B. A group of D2 agents that share processing power across multiple endpoints
  • C. A group of engines that ensure High Availability of Demisto backend databases.
  • D. A group of engines that use an algorithm to efficiently share the workload for automation scripts

Answer: D

 

NEW QUESTION 43
The customer has indicated they need EDR data collection capabilities. Which Cortex XDR license is required?

  • A. Cortex XDR Endpoint
  • B. Cortex XDR Prevent
  • C. Cortex XDR Pro Per Endpoint
  • D. Cortex XDR Pro per TB

Answer: C

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-licenses/migrate-your-cortex-xdr-license

 

NEW QUESTION 44
......
