Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

PSE-Cortex by Palo Alto Networks - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 3 • Questions 1-25 of 70

1 2 3

→

Know a question that should be here? Contribute to this exam

What does the Cortex XSOAR "Saved by Dbot" widget calculate?

A amount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents
B amount saved in Dollars by using Cortex XSOAR instead of other products
C amount of time saved by each playbook task within an incident
D amount of time saved by Dbot's machine learning (ML) capabilities

A Cortex XSOAR customer has a phishing use case in which a playbook has been implemented with one of the steps blocking a malicious URL found in an email reported by one of the users.
What would be the appropriate next step in the playbook?

A Email the CISO to advise that malicious email was found.
B Disable the user's email account.
C Email the user to confirm the reported email was phishing.
D Change the user's password.

What are two ways a customer can configure user authentication access Cortex Xpanse? (Choose two.)

A Secure Shell (SSH)
B SAML
C RADIUS
D Customer Support Portal (CSP)

When preparing for a Cortex XSOAR proof of value (POV), which task should be performed before the evaluation is requested?

A Ensuring that the customer has single sign-on (SSO) configured in their environment
B Building out an executive-level proposal detailing the product capabilities
C Planning for every different use case the customer has for the solution
D Gathering a list of the different integrations that will need to be configured

A customer has purchased Cortex XDR and requires phone support for the product.

Which Palo Alto Networks offering would fulfill this need?

A Platinum Success
B Premium Success
C Diamond Success
D Standard Success

What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?

A It provides a statistical model for combining scores from multiple vendors.
B It resolves conflicting scores from different vendors with the same indicator.
C It allows for comparison between open-source intelligence and paid services.
D It helps identify threat feed vendors with invalid content.

What allows the use of predetermined Palo Alto Networks roles to assign access rights to Cortex XDR users?

A role-based access control (RBAC)
B cloud identity engine (CIE)
C endpoint groups
D restrictions security profile

A prospective customer is interested in Cortex XDR but is enable to run a product evaluation.

Which tool can be used instead to showcase Cortex XDR?

A Test Flight
B War Game
C Tech Rehearsal
D Capture the Flag

In addition to migration and go-live, what are two best-practice steps for migrating from SIEM to Cortex XSIAM? (Choose two.)

A Execution
B Certification
C Conclusion
D Testing

Which two actions are required to add indicators to the whitelist? (Choose two.)

A Click "New Whitelisted Indicator" in the Whitelist page.
B Upload an external file named "whitelist" to the Whitelist page.
C Upload an external file named "whitelist" to the Indicators page.
D Select the indicators and click "Delete and Whitelist" in the Indicators page.

Which Cortex XSIAM license is required if an organization needs to protect a cloud Kubernetes host?

A Attack Surface Management
B Cortex XSIAM Enterprise
C Identity Threat Detection and Response
D Cortex XSIAM Enterprise Plus

Which statement applies to the malware protection flow of the endpoint agent in Cortex XSIAM?

A A file from an allowed signer is exempt from local analysis.
B Local analysis always happens before a WildFire verdict check.
C Hash comparisons come after local static analysis.
D The block list is verified in the final step.

Which playbook feature allows concurrent execution of tasks?

A parallel tasks
B automation tasks
C manual tasks
D conditional tasks

Which two Cortex XSOAR incident type features can be customized under Settings > Advanced > Incident Types? (Choose two.)

A adding new fields to an incident type
B setting reminders for an incident service level agreement (SLA)
C defining whether a playbook runs automatically when an incident type is encountered
D dropping new incidents of the same type that contain similar information