Palo Alto Networks PSE-Cortex - Palo Alto Networks System Engineer Professional - Cortex Exam

Question #6 (Topic: Exam A)
Which two playbook functionalities allow looping through a group of tasks during playbook execution? (Choose two.)
A. playbook functions
B. sub-playbooks
C. GenericPolling playbooks
D. playbook tasks
Answer: BC
Question #7 (Topic: Exam A)
Cortex XSOAR has extracted a malicious Internet Protocol (IP) address involved in command-and-control (C2) traffic.
What is the best method to block this IP from communicating with endpoints without requiring a configuration change on the firewall?
A. Have XSOAR automatically add the IP address to a threat intelligence management (TIM) malicious IP list to elevate priority of future alerts.
B. Have XSOAR automatically add the IP address to a deny rule in the firewall.
C. Have XSOAR automatically add the IP address to an external dynamic list (EDL) used by the firewall.
D. Have XSOAR automatically create a NetOps ticket requesting a configuration change to the firewall to block the IP.
Answer: C
Question #8 (Topic: Exam A)
Which integration allows searching and displaying Splunk results within Cortex XSOAR?
A. SplunkPY integration
B. Demisto App for Splunk integration
C. XSOAR REST API integration
D. Splunk integration
Answer: A
Question #9 (Topic: Exam A)
Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR? (Choose two.)
A. registry
B. file path
C. hash
D. hostname
Answer: BC
Question #10 (Topic: Exam A)
A Cortex XSOAR customer has a phishing use case in which a playbook has been implemented with one of the steps blocking a malicious URL found in an email reported by one of the users.
What would be the appropriate next step in the playbook?
A. Email the CISO to advise that malicious email was found.
B. Disable the user's email account.
C. Email the user to confirm the reported email was phishing.
D. Change the user's password.
Answer: C
Total 122 questions