
Palo Alto Networks PSE-Cortex - Palo Alto Networks System Engineer - Cortex Professional Certification Exam

Question #1 (Topic: Demo Questions)

Which two items are stitched to the Cortex XDR causality chain? (Choose two.)

A. firewall alert
B. SIEM alert
C. full URL
D. registry set value
Correct Answer: A, C
Explanation not available for this question.
Question #2 (Topic: Demo Questions)

In addition to migration and go-live, what are two best-practice steps for migrating from SIEM to Cortex XSIAM? (Choose two.)

A. Execution
B. Certification
C. Conclusion
D. Testing
Correct Answer: C, D
Explanation not available for this question.
Question #3 (Topic: Demo Questions)

A Cortex XSOAR customer wants to ingest emails from a single mailbox. The mailbox brings in reported phishing emails and email requests from human resources (HR) to onboard new users. The customer wants to run two separate workflows from this mailbox, one for phishing and one for onboarding.
What will allow Cortex XSOAR to accomplish this in the most efficient way?

A. Create two instances of the email integration and classify one instance as ingesting incidents of type phishing and the other as ingesting incidents of type onboarding.
B. Use an incident classifier based on a field in each type of email to classify those containing "Phish Alert" in the subject as phishing and those containing "Onboard Request" as onboarding.
C. Create a playbook to process and determine incident type based on content of the email.
D. Use machine learning (ML) to determine incident type.
Correct Answer: B
Explanation:

Reference: https://xsoar.pan.dev/docs/reference/packs/email-communication

Question #4 (Topic: Demo Questions)

In the DBotScore context field, which context key would differentiate between multiple entries for the same indicator in a multi-TIP environment?

A. Vendor
B. Type
C. Using
D. Brand
Correct Answer: A
Explanation not available for this question.
Question #5 (Topic: Demo Questions)

What is the primary mechanism for the attribution of attack surface data in Cortex Xpanse?

A. Active scanning with network-installed agents
B. Dark web monitoring
C. Customer-provided asset inventory lists
D. Scanning from public internet data sources
Correct Answer: D
Explanation:
The primary mechanism for the attribution of attack surface data in Cortex Xpanse is scanning from public internet data sources. Cortex Xpanse continuously scans the internet to identify assets that are potentially exposed or vulnerable, providing a comprehensive view of an organization's attack surface based on public-facing data.