All PSE-Cortex Test Inside Paloalto Networks Questions

Palo Alto Networks System Engineer - Cortex Professional Questions and Answers

Question 25

Which two filter operators are available in Cortex XDR? (Choose two.)

not Contains

< >

Question 26

What is the recommended first step in planning a Cortex XDR deployment?

Implement Cortex XDR across all endpoints without assessing architecture or assets

Deploy agents across the entire environment for immediate protection.

Deploy Cortex XDR on endpoints with the highest potential for attack.

Conduct an assessment and identify critical assets and endpoint within the environment.

Question 27

Cortex XSOAR has extracted a malicious IP address involved in command-and-control traffic.

What is the best method to automatically block this IP from communicating with endpoints without requiring a configuration change on the firewall?

Create a NetOps ticket requesting a configuration change to the firewall to block the IP.

Add the IP address to an external dynamic list used by the firewall.

Add the IP address to a threat intelligence management malicious IP list to elevate priority of future alerts.

Block the IP address by creating a deny rule in the firewall.

Question 28

Which statement applies to the malware protection flow of the endpoint agent in Cortex XSIAM?

A tile from an allowed signer is exempt from local analysis.

Local analysis always happens before a WildFire verdict check.

Hash comparisons come after local static analysis.

The block list is verified in the final step.