Palo Alto Networks System Engineer - Cortex Professional Exam

Certification Provider: Palo Alto Networks

Exam Name: Palo Alto Networks System Engineer - Cortex Professional

Number of questions in our database: 60

Exam Version: Nov. 20, 2022

Exam Official Topics:

Topic 1: Single Topic

Free Palo Alto Networks Palo Alto Networks System Engineer - Cortex Professional Exam Actual Questions

The questions for Palo Alto Networks System Engineer - Cortex Professional were last updated On Nov. 20, 2022

Question #1

An Administrator is alerted to a Suspicious Process Creation security event from multiple users.

The users believe that these events are false positives Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two )

AWith the Malware Security profile, disable the 'Prevent Malicious Child Process Execution' module

BWithin the Malware Security profile add the specific parent process, child process, and command line argument to the child process whitelist

CIn the Cortex XDR security event, review the specific parent process, child process, and command line arguments

DContact support and ask for a security exception.

Reveal Solution

Correct Answer: B, C

Question #2

Which Cortex XDR capability extends investigations to an endpoint?

ALog Stitching

BCausality Chain

CSensors

DLive Terminal

Reveal Solution

Correct Answer: A

https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-concepts

Question #3

Which two types of lOCs are available for creation in Cortex XDR? (Choose two.)

AIP

Bendpoint hostname

Cdomain

Dregistry entry

Reveal Solution

Correct Answer: A, C

Question #4

A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.

Where would the user configure the ratio of storage for each log type?

AWithin the TMS, create an agent settings profile and modify the Disk Quota value

BIt is not possible to configure Cortex Data Lake quota for specific log types.

CGo to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota

DWrite a GPO for each endpoint agent to check in less often

Reveal Solution

Correct Answer: C

Question #5

An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for ex filtrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger'?

AUncommon Local Scheduled Task Creation

BMalware

CNew Administrative Behavior

DDNS Tunneling

Reveal Solution

Correct Answer: B

Unlock all Palo Alto Networks System Engineer - Cortex Professional Exam Questions with Advanced Practice Test Features:

Select Question Types you want
Set your Desired Pass Percentage
Allocate Time (Hours : Minutes)
Create Multiple Practice tests with Limited Questions
Customer Support

Get Full Access Now

Disscuss Palo Alto Networks Palo Alto Networks System Engineer - Cortex Professional Topics, Questions or Ask Anything Related

Submit Cancel