Paloalto Networks PSE-Cortex Palo Alto Networks System Engineer Cortex Professional Version: Demo [ Total Questions: 10] Web: www.dumpsleader.com Email: firstname.lastname@example.org IMPORTANT NOTICE Feedback We have developed quality product and state-of-art service to ensure our customers interest. If you have any suggestions, please feel free to contact us at email@example.com Support If you have any questions about our product, please provide the following items: exam code screenshot of the question login id/email please contact us at firstname.lastname@example.org and our technical experts will provide support within 24 hours. Copyright The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement. Valid Questions and Answers Paloalto Networks - PSE-Cortex Question #:1 An administrator of a Cortex XDR protected production environment would like to test its ability to protect users from a known flash player exploit. What is the safest way to do it? A. The administrator should attach a copy of the weapomzed flash file to an email, send the email to a selected group of employees, and monitor the Events tab on the Cortex XDR console B. The administrator should use the Cortex XDR tray icon to confirm his corporate laptop is fully protected then open the weaponized flash file on his machine, and monitor the Events tab on the Cortex XDR console. C. The administrator should create a non-production Cortex XDR test environment that accurately represents the production environment, introduce the weaponized flash file, and monitor the Events tab on the Cortex XDR console. D. The administrator should place a copy of the weaponized flash file on several USB drives, scatter them around the office and monitor the Events tab on the Cortex XDR console Answer: A Question #:2 Which deployment type supports installation of an engine on Windows, Mac OS. and Linux? A. RPM B. SH C. DEB D. ZIP Answer: D Explanation https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-configure-de Question #:3 During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window. 100% Valid Questions - Guaranteed Success 1 of 5 Valid Questions and Answers Paloalto Networks - PSE-Cortex During the service instance provisioning which three DNS host names are created? (Choose three.) A. cc-xnet50.traps.paloaltonetworks.com B. hc-xnet50.traps.paloaltonetworks.com C. cc-xnet.traps.paloaltonetworks.com D. cc.xnet50traps.paloaltonetworks.com E. xnettraps.paloaltonetworks.com F. ch-xnet.traps.paloaltonetworks.com Answer: A C F Question #:4 How do sub-playbooks affect the Incident Context Data? A. When set to private, task outputs do not automatically get written to the root context B. When set to private, task outputs automatically get written to the root context C. When set to global, allows parallel task execution. D. When set to global, sub-playbook tasks do not have access to the root context Answer: D Question #:5 A General Purpose Dynamic Section can be added to which two layouts for incident types? (Choose two) A. "Close" Incident Form B. Incident Summary C. Incident Quick View D. "New"/Edit" Incident Form 100% Valid Questions - Guaranteed Success 2 of 5 Valid Questions and Answers Paloalto Networks - PSE-Cortex Answer: B C Question #:6 An administrator has a critical group of systems running Windows XP SP3 that cannot be upgraded The administrator wants to evaluate the ability of Traps to protect these systems and the word processing applications running on them How should an administrator perform this evaluation? A. Gather information about the word processing applications and run them on a Windows XP SP3 VM Determine if any of the applications are vulnerable and run the exploit with an exploitation tool B. Run word processing exploits in a latest version of Windows VM in a controlled and isolated environment. Document indicators of compromise and compare to Traps protection capabilities C. Run a known 2015 flash exploit on a Windows XP SP3 VM. and run an exploitation tool that acts as a listener Use the results to demonstrate Traps capabilities D. Prepare the latest version of Windows VM Gather information about the word processing applications, determine if some of them are vulnerable and prepare a working exploit for at least one of them Execute with an exploitation tool Answer: C Question #:7 Cortex XDR can schedule recurring scans of endpoints for malware. Identify two methods for initiating an on-demand malware scan (Choose two ) A. Response > Action Center B. the local console C. Telnet D. Endpoint > Endpoint Management Answer: A C Question #:8 A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake. Where would the user configure the ratio of storage for each log type? A. Within the TMS, create an agent settings profile and modify the Disk Quota value B. It is not possible to configure Cortex Data Lake quota for specific log types. C. Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota D. 100% Valid Questions - Guaranteed Success 3 of 5 Valid Questions and Answers Paloalto Networks - PSE-Cortex D. Write a GPO for each endpoint agent to check in less often Answer: C Question #:9 A test for a Microsoft exploit has been planned. After some research Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript) The description and current configuration of the exploit are as follows; What is the remaining configuration? A) B) C) 100% Valid Questions - Guaranteed Success 4 of 5 Valid Questions and Answers Paloalto Networks - PSE-Cortex D) A. Option A B. Option B C. Option C D. Option D Answer: D Question #:10 In an Air-Gapped environment where the Docker package was manually installed after the Cortex XSOAR installation which action allows Cortex XSOAR to access Docker? A. create a “docker” group and add the "Cortex XSOAR" or "demisto" user to this group B. create a "Cortex XSOAR' or "demisto" group and add the "docker" user to this group C. disable the Cortex XSOAR service D. enable the docker service Answer: B 100% Valid Questions - Guaranteed Success 5 of 5 About dumpsleader.com dumpsleader.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam Questions, Study Guides, Practice Tests. We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on. View list of all certification exams: All vendors We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed below. Sales: email@example.com Feedback: firstname.lastname@example.org Support: email@example.com Any problems about IT certification or our products, You can write us back and we will get back to you within 24 hours.