
PSE-Cortex Palo Alto Networks Exam Lab Questions

Page: 2 / 2
Total 60 questions

Palo Alto Networks System Engineer - Cortex Professional Questions and Answers

Question 5

A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified

(exploit/windows/browser/ms16_051_vbscript)

The description and current configuration of the exploit are as follows:

What is the remaining configuration?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 6

A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.

Where would the user configure the ratio of storage for each log type?

Options:

A.

Within the TMS, create an agent settings profile and modify the Disk Quota value

B.

It is not possible to configure Cortex Data Lake quota for specific log types.

C.

Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota

D.

Write a GPO for each endpoint agent to check in less often

Question 7

An administrator is alerted to a Suspicious Process Creation security event from multiple users.

The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)

Options:

A.

With the Malware Security profile, disable the "Prevent Malicious Child Process Execution" module

B.

Within the Malware Security profile, add the specific parent process, child process, and command line argument to the child process whitelist

C.

In the Cortex XDR security event, review the specific parent process, child process, and command line arguments

D.

Contact support and ask for a security exception.

Question 8

What is the result of creating an exception from an exploit security event?

Options:

A.

Whitelists the process from WildFire analysis

B.

Exempts the user from generating events for 24 hours

C.

Exempts administrators from generating alerts for 24 hours

D.

Disables the triggered EPM for the host and process involved
