PSE-Cortex Free Certification Exam Material from TestSimulate with 60 Questions [Q31-Q47]


NEW QUESTION 31
Which two filter operators are available in Cortex XDR? (Choose two.)

  • A. Contains
  • B. < >
  • C. =
  • D. Is Contained By

Answer: A,C

 

NEW QUESTION 32
Rearrange the steps into the correct order for modifying an incident layout.

Answer:

Explanation:

 

NEW QUESTION 33
Which step is required to prepare the VDI Golden Image?

  • A. Ensure the latest content updates are installed
  • B. Run the VDI conversion tool
  • C. Review any PE files that WildFire determined to be malicious
  • D. Set the memory dumps to manual setting

Answer: D

 

NEW QUESTION 34
What is the retention requirement for Cortex Data Lake sizing?

  • A. number of days
  • B. number of endpoints
  • C. number of VM-Series NGFW
  • D. logs per second

Answer: A

Explanation:
https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex-data-lake/set-log-storage-quota

 

NEW QUESTION 35
Given the exception thrown in the accompanying image by the Demisto REST API integration, which action would most likely solve the problem?

Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)

  • A. Playbook Functions
  • B. Generic Polling Automation Playbook
  • C. Playbook Tasks
  • D. Sub-Playbooks

Answer: A,D

 

NEW QUESTION 36
Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types? (Choose three.)

  • A. Define the way that incidents of a specific type are displayed in the system
  • B. Drop new incidents of the same type that contain similar information
  • C. Set reminders for an incident SLA
  • D. Add new fields to an incident type
  • E. Define whether a playbook runs automatically when an incident type is encountered

Answer: A,C,E

 

NEW QUESTION 37
The images show two versions of the same automation script and the results they produce when executed in Demisto. What are two possible causes of the exception thrown in the second image? (Choose two.)

  • A. The modified script required a different parameter to run successfully.
  • B. The modified script attempted to access a dictionary key that did not exist in the dictionary named "data".
  • C. The modified script was run in the wrong Docker image.
  • D. The dictionary was defined incorrectly in the second script.

Answer: C

 

NEW QUESTION 38
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)

  • A. presence of Flash executable
  • B. alert root cause
  • C. domain/workgroup membership
  • D. OS
  • E. hostname

Answer: C,D,E

 

NEW QUESTION 39
Which two formats are supported by Whitelist? (Choose two.)

  • A. CSV
  • B. CIDR
  • C. Regex
  • D. STIX

Answer: A,B

 

NEW QUESTION 40
Cortex XDR can schedule recurring scans of endpoints for malware. Identify two methods for initiating an on-demand malware scan. (Choose two.)

  • A. Telnet
  • B. Response > Action Center
  • C. the local console
  • D. Endpoint > Endpoint Management

Answer: A,B

 

NEW QUESTION 41
Which Cortex XDR Agent capability prevents loading malicious files from USB-connected removable equipment?

  • A. Agent Configuration
  • B. Agent Management
  • C. Device Customization
  • D. Device Control

Answer: D

Explanation:
https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231

 

NEW QUESTION 42
Rearrange the steps into the correct order for modifying an incident layout.

Answer:

Explanation:

1 - Navigate to Settings > Advanced > Incident Types
2 - Select the incident type you want to customize the layout view for
3 - Edit the layout
4 - Select the Edit Layout option
5 - Navigate to Settings > Layout Builder

 

NEW QUESTION 43
A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript). The description and current configuration of the exploit are as follows:

What is the remaining configuration?
A)

B)

C)

D)

  • A. Option D
  • B. Option C
  • C. Option B
  • D. Option A

Answer: A

 

NEW QUESTION 44
What method does the Traps agent use to identify malware during a scheduled scan?

  • A. Local analysis
  • B. Heuristic analysis
  • C. Signature comparison
  • D. WildFire hash comparison and dynamic analysis

Answer: D

 

NEW QUESTION 45
Which CLI query would bring back Notable Events from Splunk?
A)

B)

C)

D)

  • A. Option D
  • B. Option C
  • C. Option B
  • D. Option A

Answer: A

 

NEW QUESTION 46
When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?

  • A. splunk-get-alerts integration command
  • B. Cortex XSOAR TA App for Splunk
  • C. SplunkSearch automation
  • D. SplunkGO integration

Answer: B

 

NEW QUESTION 47
......
