PSE Cortex Real Dumps
https://www.certspots.com/exam/pse-cortex/

Palo Alto Networks PSE Cortex Real Dumps

1. What allows the use of predetermined Palo Alto Networks roles to assign access rights to Cortex XDR users?
A. Restrictions security profile
B. Cloud identity engine (CIE)
C. Endpoint groups
D. Role-based access control (RBAC)
Answer: D

2. How can Cortex XSOAR save time when a phishing incident occurs?
A. Automatically identify and create cases for every mailbox that received the phish
B. Automatically email staff to warn about the phishing attack
C. Automatically purge the email from unopened mailboxes
D. Automatically respond to the phishing email to unsubscribe
Answer: A

3. Which statement applies to a Cortex XSOAR engine that is part of a load-balancing group?
A. It does not appear in the engine dropdown menu when configuring an integration instance
B. It must be in a group with at least three additional members
C. It can be used separately if directly connected to the XSOAR server
D. It must have port 443 open to allow XSOAR server connection
Answer: C

4. What is a benefit of user entity behavior analytics (UEBA) over security information and event management (SIEM)?
A. UEBA can add trusted signers to a whitelist
B. UEBA establishes a secure connection for log and file collection
C. SIEMs struggle to detect unknown or advanced threats like credential theft
D. SIEM supports only agentless scanning
Answer: C

5. What allows the use of predetermined Palo Alto Networks roles to assign access rights to Cortex XDR users?
A. Restrictions security profile
B. Cloud identity engine
C. Endpoint groups
D. Role-based access control (RBAC)
Answer: D

6. Cortex XSOAR has extracted a malicious IP address involved in C2 traffic. What method blocks this IP without needing firewall configuration changes?
A. Add the IP address to a deny rule in the firewall
B. Add the IP address to a TIM malicious IP list to elevate future alert priority
C. Add the IP address to an external dynamic list (EDL) used by the firewall
D. Create a NetOps ticket for a firewall configuration change to block the IP
Answer: C

7. What is the result of creating an exception from an exploit security event in Cortex XDR?
A. Triggered exploit protection module for the host and process involved is disabled
B. User is exempt from generating events for 24 hours
C. Process from WildFire analysis is whitelisted
D. Administrators are exempt from generating alerts for 24 hours
Answer: A

8. What are two reasons incident investigation is needed in Cortex XDR? (Choose two)
A. Insider threats may not be blocked and initial activity may go undetected
B. Detailed reports are needed for senior management to justify the cost of XDR
C. No solution will stop every attack, requiring further investigation of activity
D. Analysts need to acquire forensic artifacts of malware that has been blocked by the XDR agent
Answer: A, D

9. Which method is used for third-party network data consumption?
A. File reader to the /var/log/messagers file on the device
B. Open Database Connectivity (ODBC) connection to network device database
C. Common Event Format (CEF) via broker Syslog module
D. Scripts library from the action center
Answer: C

10. Why is reputation scoring important in the Threat Intelligence Module of Cortex XSOAR?
A. It helps identify threat intelligence vendors with substandard content
B. It provides a mathematical model for combining scores from multiple vendors
C. It allows for easy comparison between open-source intelligence and paid services
D. It deconflicts prioritization when two vendors give different scores for the same indicator
Answer: B