Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

PSE-CortexFree trial

By palo-alto-networks

Verified

25Q per page

Question 1

What does the Cortex XSOAR "Saved by Dbot" widget calculate?

A: amount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents
B: amount saved in Dollars by using Cortex XSOAR instead of other products
C: amount of time saved by each playbook task within an incident
D: amount of time saved by Dbot's machine learning (ML) capabilities

—

Question 2

A Cortex XSOAR customer has a phishing use case in which a playbook has been implemented with one of the steps blocking a malicious URL found in an email reported by one of the users.
What would be the appropriate next step in the playbook?

A: Email the CISO to advise that malicious email was found.
B: Disable the user's email account.
C: Email the user to confirm the reported email was phishing.
D: Change the user's password.

—

Question 3

What are two ways a customer can configure user authentication access Cortex Xpanse? (Choose two.)

A: Secure Shell (SSH)
B: SAML
C: RADIUS
D: Customer Support Portal (CSP)

—

Question 4

When preparing for a Cortex XSOAR proof of value (POV), which task should be performed before the evaluation is requested?

A: Ensuring that the customer has single sign-on (SSO) configured in their environment
B: Building out an executive-level proposal detailing the product capabilities
C: Planning for every different use case the customer has for the solution
D: Gathering a list of the different integrations that will need to be configured

—

Question 5

A customer has purchased Cortex XDR and requires phone support for the product.

Which Palo Alto Networks offering would fulfill this need?

A: Platinum Success
B: Premium Success
C: Diamond Success
D: Standard Success

—

Question 6

What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?

A: It provides a statistical model for combining scores from multiple vendors.
B: It resolves conflicting scores from different vendors with the same indicator.
C: It allows for comparison between open-source intelligence and paid services.
D: It helps identify threat feed vendors with invalid content.

—

Question 7

What allows the use of predetermined Palo Alto Networks roles to assign access rights to Cortex XDR users?

A: role-based access control (RBAC)
B: cloud identity engine (CIE)
C: endpoint groups
D: restrictions security profile

—

Question 8

A prospective customer is interested in Cortex XDR but is enable to run a product evaluation.

Which tool can be used instead to showcase Cortex XDR?

A: Test Flight
B: War Game
C: Tech Rehearsal
D: Capture the Flag

—

Question 9

In addition to migration and go-live, what are two best-practice steps for migrating from SIEM to Cortex XSIAM? (Choose two.)

A: Execution
B: Certification
C: Conclusion
D: Testing

—

Question 10

Which two actions are required to add indicators to the whitelist? (Choose two.)

A: Click "New Whitelisted Indicator" in the Whitelist page.
B: Upload an external file named "whitelist" to the Whitelist page.
C: Upload an external file named "whitelist" to the Indicators page.
D: Select the indicators and click "Delete and Whitelist" in the Indicators page.

—

Question 11

Which Cortex XSIAM license is required if an organization needs to protect a cloud Kubernetes host?

A: Attack Surface Management
B: Cortex XSIAM Enterprise
C: Identity Threat Detection and Response
D: Cortex XSIAM Enterprise Plus

—

Question 12

Which statement applies to the malware protection flow of the endpoint agent in Cortex XSIAM?

A: A file from an allowed signer is exempt from local analysis.
B: Local analysis always happens before a WildFire verdict check.
C: Hash comparisons come after local static analysis.
D: The block list is verified in the final step.

—

Question 13

Which playbook feature allows concurrent execution of tasks?

A: parallel tasks
B: automation tasks
C: manual tasks
D: conditional tasks

—

Question 14

Which two Cortex XSOAR incident type features can be customized under Settings > Advanced > Incident Types? (Choose two.)

A: adding new fields to an incident type
B: setting reminders for an incident service level agreement (SLA)
C: defining whether a playbook runs automatically when an incident type is encountered
D: dropping new incidents of the same type that contain similar information

—

That’s the end of your free questions

You’ve reached the preview limit for PSE-Cortex

Consider upgrading to gain full access!

Page 1 of 3 • Questions 1-25 of 70

1 2 3

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!