
PSE-Cortex Exam Dumps - Palo Alto Networks System Engineer - Cortex Professional

Question # 9

Cortex XSOAR has extracted a malicious Internet Protocol (IP) address involved in command-and-control (C2) traffic.

What is the best method to block this IP from communicating with endpoints without requiring a configuration change on the firewall?

A. Have XSOAR automatically add the IP address to a threat intelligence management (TIM) malicious IP list to elevate priority of future alerts.

B. Have XSOAR automatically add the IP address to a deny rule in the firewall.

C. Have XSOAR automatically add the IP address to an external dynamic list (EDL) used by the firewall.

D. Have XSOAR automatically create a NetOps ticket requesting a configuration change to the firewall to block the IP.

Question # 10

Which two log types should be configured for firewall forwarding to the Cortex Data Lake for use by Cortex XDR? (Choose two)

A. Security Event

B. HIP

C. Correlation

D. Analytics

Question # 11

Which task setting allows context output to a specific key?

A. extend context

B. stop on errors

C. task output

D. lags

Question # 12

Which solution profiles network behavior metadata, not payloads and files, allowing effective operation regardless of encrypted or unencrypted communication protocols, like HTTPS?

A. endpoint protection platform (EPP)

B. Security Information and Event Management (SIEM)

C. endpoint detection and response (EDR)

D. Network Detection and Response (NDR)

Question # 13

What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?

A. It provides a statistical model for combining scores from multiple vendors

B. It resolves conflicting scores from different vendors with the same indicator.

C. It allows for comparison between open-source intelligence and paid services.

D. It helps identify threat feed vendors with invalid content.

Question # 14

Cortex XDR external data ingestion processes ingest data from which sources?

A. Windows event logs only

B. syslogs only

C. Windows event logs, syslogs, and custom external sources

D. Windows event logs and syslogs only

Question # 15

What is the result of creating an exception from an exploit security event?

A. Administrators are exempt from generating alerts for 24 hours.

B. Process from WildFire analysis is whitelisted.

C. Triggered exploit protection module (EPM) for the host and process involved is disabled.

D. User is exempt from generating events for 24 hours.

Question # 16

A Cortex XSIAM customer is unable to access their Cortex XSIAM tenant.

Which resource can the customer use to validate the uptime of Cortex XSIAM?

A. Administrator Guide

B. LIVEcommunity

C. Release Notes

D. Palo Alto Networks Status Page
