試験問題と解答はPSE-Cortex学習ガイド問題を試そう! [Q46-Q71]

Share

試験問題と解答はPSE-Cortex学習ガイド問題を試そう!

Palo Alto Networks System Engineer - Cortex Professional認証サンプル問題と練習試験合格させます


Palo Alto Networks PSE-Cortex 試験は、Cortex XDR、Cortex Data Lake、およびCortex XSOARの展開、構成、管理に関するスキルと知識を検証するために設計された認定プログラムです。この試験は、高度なサイバー脅威から保護する包括的なセキュリティソリューションを設計および実装できるかどうかを評価することを目的としています。

 

質問 # 46
Which command is used to add Cortex XSOAR "User1" to an investigation from the War Room command- line interface (CLI)?

  • A. #User1
  • B. @User1
  • C. !invite User1
  • D. /invite User1

正解:C


質問 # 47
What does the Cortex XSOAR "Saved by Dbot" widget calculate?

  • A. amount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents
  • B. amount saved in Dollars by using Cortex XSOAR instead of other products
  • C. amount of time saved by Dbot's machine learning (ML) capabilities
  • D. amount of time saved by each playbook task within an incident

正解:A


質問 # 48
In addition to incident volume, which four critical factors must be evaluated to determine effectiveness and ROI on cybersecurity planning and technology?

  • A. People, security controls, mean time to detect, false positives
  • B. Standard operating procedures, staffing costs, duplicates, mean time to respond
  • C. Analyst, training costs, duplicated, false positives
  • D. People, staffing costs, duplicates, false positives

正解:A

解説:
When evaluating the effectiveness and ROI on cybersecurity planning and technology, it's important to consider people, security controls, mean time to detect (MTTD), and false positives. These factors help ensure that the security infrastructure is both efficient and effective in preventing, detecting, and responding to threats, while optimizing the overall cost and resource allocation.


質問 # 49
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second Image? (Choose two.) SUCCESS

  • A. The modified script required a different parameter to run successfully.
  • B. The modified script attempted to access a dictionary key that did not exist in the dictionary named
    "data"
  • C. The modified scnpt was run in the wrong Docker image
  • D. The dictionary was defined incorrectly in the second script.

正解:C


質問 # 50
What is the result of creating an exception from an exploit security event?

  • A. disables the triggered EPM for the host and process involve
  • B. exempts administrators from generating alerts for 24 hours
  • C. White lists the process from Wild Fire analysis
  • D. exempts the user from generating events for 24 hours

正解:A


質問 # 51
Which two areas of Cortex XDR are used for threat hunting activities? (Choose two.)

  • A. query builder
  • B. live terminal
  • C. host insights module
  • D. indicators of compromise (IOC) rules

正解:A、C

解説:
Reference: https://www.paloaltonetworks.com/cortex/managed-threat-hunting


質問 # 52
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)

  • A. OS
  • B. hostname
  • C. attack threat intelligence tag
  • D. Domain/workgroup membership
  • E. quarantine status

正解:A、B、D


質問 # 53
What must a customer deploy prior to collecting endpoint data in Cortex XSIAM?

  • A. Playbook
  • B. Broker VM
  • C. XDR agent
  • D. External dynamic list

正解:B


質問 # 54
An Administrator is alerted to a Suspicious Process Creation security event from multiple users.
The users believe that these events are false positives Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two )

  • A. With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module
  • B. Contact support and ask for a security exception.
  • C. In the Cortex XDR security event, review the specific parent process, child process, and command line arguments
  • D. Within the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist

正解:C、D


質問 # 55
A customer agrees to do a 30-day proof of concept (POC) and wants to integrate with a product with which Cortex XSOAR is not currently integrated.
What is the appropriate response to this customer?

  • A. Explain that custom integrations are not included in the POC.
  • B. Explain that it can be built by Professional Services, but it will take an additional 30 days.
  • C. Extend the POC window to allow the solution architects to build it.
  • D. Agree to build the integration as part of the POC.

正解:A


質問 # 56
What does the Cortex XSOAR "Saved by Dbot" widget calculate?

  • A. amount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents
  • B. amount saved in Dollars by using Cortex XSOAR instead of other products
  • C. amount of time saved by Dbot's machine learning (ML) capabilities
  • D. amount of time saved by each playbook task within an incident

正解:A

解説:
Reference: https://xsoar.pan.dev/docs/integrations/dbot


質問 # 57
Which aspect of Cortex Xpanse allows for visibility over remote workforce risks?

  • A. The presence of a portal for remote workers to use for posture checking
  • B. The ability to identify customer assets on residential networks
  • C. The deployment of a Cortex Xpanse agent on the remote endpoint
  • D. The use of a VPN connection to scan remote devices

正解:B


質問 # 58
Approximately how many Cortex XSOAR marketplace integrations exist?

  • A. Between 1-400
  • B. Between 700-2000
  • C. Over 2000
  • D. Between 400-700

正解:B


質問 # 59
A Cortex XSIAM customer is unable to access their Cortex XSIAM tenant.
Which resource can the customer use to validate the uptime of Cortex XSIAM?

  • A. LIVEcommunity
  • B. Administrator Guide
  • C. Palo Alto Networks Status Page
  • D. Release Notes

正解:C


質問 # 60
Which method is used for third-party network data consumption?

  • A. scripts library from the action center
  • B. Open Database Connectivity (ODBC) connection to network device database
  • C. Common Event Format (CEF) via broker Syslog module
  • D. file reader to the /var/log/messages file on the device

正解:C


質問 # 61
An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.
Which Cortex XDR Analytics alert will this activity most likely trigger?

  • A. DNS Tunneling
  • B. new administrative behavior
  • C. malware
  • D. uncommon local scheduled task creation

正解:A


質問 # 62
What is the requirement for enablement of endpoint and network analytics in Cortex XDR?

  • A. Logs from at least 30 endpoints over a minimum of two weeks
  • B. Windows DHCP logs ingested via a Cortex XDR collector
  • C. Cloud Identity Engine configured and enabled
  • D. Network Mapper applet on the Broker VM configured and enabled

正解:A


質問 # 63
The prospect is deciding whether to go with a phishing or a ServiceNow use case as part of their POC We have integrations for both but a playbook for phishing only Which use case should be used for the POC?

  • A. phishing
  • B. ServiceNow
  • C. neither
  • D. either

正解:A


質問 # 64
What is a benefit offered by Cortex XSOAR?

  • A. It enables a comprehensive view of the customer environment with regard to digital employee productivity.
  • B. It provides real-time protection across hosts and containers.
  • C. It enables consolidation of multiple point products into a single integrated service.
  • D. It provides advanced customization capabilities.

正解:D

解説:
Reference: https://www.exclusive-networks.com/uk/wp-content/uploads/sites/28/2021/07/cortex-xsoar- DATASHEET.pdf


質問 # 65
What is the requirement for enablement of endpoint and network analytics in Cortex XDR?

  • A. Logs from at least 30 endpoints over a minimum of two weeks
  • B. Windows DHCP logs ingested via a Cortex XDR collector
  • C. Cloud Identity Engine configured and enabled
  • D. Network Mapper applet on the Broker VM configured and enabled

正解:A

解説:
To enable endpoint and network analytics in Cortex XDR, the requirement is to have logs from at least 30 endpoints over a minimum of two weeks. This provides sufficient data for Cortex XDR to perform effective analytics and detection, helping identify trends and potential threats.


質問 # 66
Which statement applies to the malware protection flow in Cortex XDR Prevent?

  • A. In the final step, the block list is verified.
  • B. Hash comparisons come after local static analysis.
  • C. A trusted signed file is exempt from local static analysis.
  • D. Local static analysis happens before a WildFire verdict check.

正解:C


質問 # 67
Where is the best place to find official resource material?

  • A. Online forums
  • B. Technical blogs
  • C. Administrator's guide
  • D. Video series

正解:C

解説:
The best place to find official resource material for a product or solution is typically the Administrator's guide. It contains authoritative, comprehensive, and up-to-date information on setup, configuration, troubleshooting, and best practices directly from the product's vendor.


質問 # 68
Which two items are stitched to the Cortex XDR causality chain? (Choose two.)

  • A. firewall alert
  • B. full uniform resource locator (URL)
  • C. registry set value
  • D. security and information event management (SIEM) alert

正解:A、B


質問 # 69
A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?

  • A. Tell them we can build it with Professional Services.
  • B. Agree to build the integration as part of the POC
  • C. Extend the POC window to allow the solution architects to build it
  • D. Tell them custom integrations are not created as part of the POC

正解:B


質問 # 70
What is used to display only file entries in a War Room?

  • A. incident files section in layout builder
  • B. files and attachments filters
  • C. files from War Room CLI WW
  • D. /files from War Room CLI

正解:B

解説:
Reference: https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/war-room-view-full-content-in-a- new-tab-output-in-column-instead/td-p/386104


質問 # 71
......


Palo Alto Networks PSE -Cortex(Palo Alto Networks System Engineer -Cortex Professional)認定試験は、Palo Alto Alto Networks Cortex XDR、Cortex Data Lake、Cortex Xsoarの展開、構成、管理の専門家のスキルと知識を検証するように設計されています。 。この認定は、Palo Alto Networks Cortex Solutionsを使用して組織のセキュリティ姿勢を強化するための専門知識を実証したいシステムエンジニア、セキュリティエンジニア、および技術サポートの専門家に最適です。

 

PSE-Cortex認証問題集PSE-Cortex Professional PSE-Cortexガイド 100%有効:https://jp.fast2test.com/PSE-Cortex-premium-file.html

100%合格率の問題集を使ってあなたのPSE-Cortex試験を一発合格:https://drive.google.com/open?id=1a8PfeeP63yUZir692hnMkTsn42vzLZqB


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어