Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
Paloalto Networks
PSE-Cortex Professional
PSE-Cortex-Pro-24
Palo Alto Networks Systems Engineer Professional - Cortex Questions and Answers

Pass the Paloalto Networks PSE-Cortex Professional PSE-Cortex-Pro-24 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam PSE-Cortex-Pro-24 Premium Access

View all detail and faqs for the PSE-Cortex-Pro-24 exam

Go to Exam

811 Students Passed

94% Average Score

93% Same Questions

Viewing page 4 out of 5 pages

Viewing questions 31-40 out of questions

Questions # 31:

Which action should be performed by every Cortex Xpanse proof of value (POV)?

Options:

Grant the customer access to the management console immediately following activation.

Provide the customer with an export of all findings at the conclusion of the POV.

Enable all of the attach surface rules to show the highest number of alerts.

Review the mapping in advance to identity a few interesting findings to share with the customer.

Answer

Explanation

During a Cortex Xpanse proof of value (POV), it's important to review the mapping in advance to identify a few interesting findings to share with the customer. This helps highlight the product's value and allows the customer to see actionable insights early in the evaluation process, making the POV more impactful.

Questions # 32:

Which feature of Cortex Xpanse allows it to identify previously unknown assets?

Options:

Dynamic asset registration

Scheduled network scanning

Continuous internet scanning

Active directory enumeration

Answer

Explanation

Cortex Xpanse uses continuous internet scanning to identify previously unknown assets. This feature allows the platform to continuously monitor the internet for new or unregistered assets that could be associated with an organization's network, providing real-time visibility into potential exposure or vulnerabilities.

Questions # 33:

Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

Question # 33

Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)

Options:

Generic Polling Automation Playbook

Playbook Tasks

Sub-Play books

Playbook Functions

Answer

A, C

Questions # 34:

A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?

Options:

Extend the POC window to allow the solution architects to build it

Tell them we can build it with Professional Services.

Tell them custom integrations are not created as part of the POC

Agree to build the integration as part of the POC

Answer

Questions # 35:

What is the recommended first step in planning a Cortex XDR deployment?

Options:

Implement Cortex XDR across all endpoints without assessing architecture or assets

Deploy agents across the entire environment for immediate protection.

Deploy Cortex XDR on endpoints with the highest potential for attack.

Conduct an assessment and identify critical assets and endpoint within the environment.

Answer

Explanation

The recommended first step in planning a Cortex XDR deployment is to conduct an assessment and identify critical assets and endpoints within the environment. This ensures that the deployment is targeted and effective, focusing on the most critical parts of the infrastructure that are most likely to be attacked or compromised.

Questions # 36:

The certificate used for decryption was installed as a trusted toot CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console. What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

Options:

add paloaltonetworks.com to the SSL Decryption Exclusion list

enable SSL decryption

disable SSL decryption

reinstall the root CA certificate

Answer

Questions # 37:

A customer is hesitant to directly connect their network to the Cortex platform due to compliance restrictions.

Which deployment method should the customer use to ensure secure connectivity between their network and the Cortex platform?

Options:

Elasticsearch

Broker VM

Syslog collector

Windows Event Collector

Answer

Explanation

To ensure secure connectivity between the customer's network and the Cortex platform while adhering to compliance restrictions, the customer should use the Broker VM. The Broker VM acts as a secure intermediary between the local network and the Cortex platform, allowing for controlled and encrypted communication without directly exposing the network to the platform.

Questions # 38:

Rearrange the steps into the correct order for modifying an incident layout.

Question # 38

Options:

Answer

Answer:

Explanation

Correct

Questions # 39:

A General Purpose Dynamic Section can be added to which two layouts for incident types? (Choose two)

Options:

"Close" Incident Form

Incident Summary

Incident Quick View

"New"/Edit" Incident Form

Answer

B, C

Questions # 40:

Which deployment type supports installation of an engine on Windows, Mac OS. and Linux?

Options:

RPM

DEB

ZIP

Answer

Explanation

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-configure-demisto-engines/create-a-new-engine.html

Viewing page 4 out of 5 pages

Viewing questions 31-40 out of questions