Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
Paloalto Networks
PSE-Cortex Professional
PSE-Cortex
Palo Alto Networks System Engineer - Cortex Professional Questions and Answers

Pass the Paloalto Networks PSE-Cortex Professional PSE-Cortex Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam PSE-Cortex Premium Access

View all detail and faqs for the PSE-Cortex exam

Go to Exam

805 Students Passed

85% Average Score

97% Same Questions

Viewing page 2 out of 5 pages

Viewing questions 11-20 out of questions

Questions # 11:

What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?

Options:

It provides a statistical model for combining scores from multiple vendors

It resolves conflicting scores from different vendors with the same indicator.

It allows for comparison between open-source intelligence and paid services.

It helps identify threat feed vendors with invalid content.

Answer

Explanation

The function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM is to resolve conflicting scores from different vendors for the same indicator. This helps standardize threat intelligence, allowing the platform to provide a more accurate and reliable assessment of the risk associated with a given indicator, even when different sources may provide conflicting information.

Questions # 12:

Which two Cortex XSOAR incident type features can be customized under Settings > Advanced > Incident Types? (Choose two.)

Options:

adding new fields to an incident type

setting reminders for an incident service level agreement

defining whether a playbook runs automatically when an incident type is encountered

dropping new incidents of the same type that contain similar information

Answer

A, C

Explanation

[Reference: https://xsoar.pan.dev/docs/incidents/incident-types, , ]

Questions # 13:

What is used to display only file entries in a War Room?

Options:

files from War Room CLI WW

incident files section in layout builder

files and attachments filters

/files from War Room CLI

Answer

Explanation

[Reference: https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/war-room-view-full-content-in-a-new-tab-output-in-column-instead/td-p/386104, , ]

Questions # 14:

What is the primary mechanism for the attribution of attack surface data in Cortex Xpanse?

Options:

Active scanning with network-installed agents

Dark web monitoring

Customer-provided asset inventory lists

Scanning from public internet data sources

Answer

Explanation

The primary mechanism for the attribution of attack surface data in Cortex Xpanse is scanning from public internet data sources. Cortex Xpanse continuously scans the internet to identify assets that are potentially exposed or vulnerable, providing a comprehensive view of an organization's attack surface based on public-facing data.

Questions # 15:

Which service helps identify attackers by combining world-class threat intelligence with Cortex XSIAM technology?

Options:

Virtual Desktop Infrastructure

Managed Threat Hunting

Threat Intelligence Platform

Cloud Identity Engine

Answer

Explanation

Managed Threat Hunting combines world-class threat intelligence with Cortex XSIAM (Extended Security Intelligence and Automation Management) technology to help identify attackers. This service provides proactive threat hunting capabilities, allowing security teams to detect advanced threats and respond to potential attacks with the help of expert analysts and automated tools.

Questions # 16:

Cortex XDR external data ingestion processes ingest data from which sources?

Options:

windows event logs only

syslogs only

windows event logs, syslogs, and custom external sources

windows event logs and syslogs only

Answer

Explanation

[Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/External-Data-Ingestion, , ]

Questions # 17:

An existing Palo Alto Networks SASE customer expresses that their security operations practice is having difficulty using the SASE data to help detect threats in their environment. They understand that parts of the Cortex portfolio could potentially help them and have reached out for guidance on moving forward.

Which two Cortex products are good recommendation for this customer? (Choose two.)

Options:

Cortex XSOAR

Cortex XDR

Cortex

Cortex XSIAM

Answer

A, B

Explanation

Cortex XSOAR provides automation and orchestration capabilities to help streamline security operations and enhance threat detection by integrating with existing security tools and automating responses.

Cortex XDR offers advanced detection and response across endpoints, networks, and cloud, helping to correlate security data, detect threats, and respond effectively, especially when dealing with diverse security data sources.

Questions # 18:

In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three )