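Palo Alto Networks Systems Engineer Professional - Cortex Online Practice
Last updated: October 3, 2025
You can use the online practice questions to gauge how well you know the Palo Alto Networks PSE-Cortex-Pro-24 exam material and then decide whether to register for the exam.
If you want to pass the exam 100% and save 35% of your preparation time, choose the PSE-Cortex-Pro-24 dumps (latest real exam questions), which currently include the latest 80 exam questions and answers.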
Question No : 1
Which task setting allows context output to a specific key?
a. Extend context
b. Task output
c. Stop on errors
d. Tags
Answer: A
Question No : 2
Which Cortex XDR agent capability prevents loading malicious files from USB-connected removable equipment?
a. Device control
b. Agent management
c. Agent configuration
d. Device customization
Answer: A
Question No : 3
The Cortex XDR management service requires which other Palo Alto Networks product?
a. Cortex Data Lake
b. Directory Sync
c. Panorama
d. Cortex XSOAR
Answer: A
Question No : 4
Which integration allows data to be pushed from Cortex XSOAR into Splunk?
a. SplunkUpdate integration
b. Demisto App for Splunk integration
c. SplunkPY integration
d. ArcSight ESM integration
Answer: C
Question No : 5
Which step is required to prepare the virtual desktop infrastructure (VDI) golden image?
a. Run the VDI conversion tool
b. Ensure the latest content updates are installed
c. Set the memory dumps to manual setting
d. Review any portable executable (PE) files WildFire determined to be malicious
Answer: D
Question No : 6
Which statement applies to a Cortex XSOAR engine that is part of a load-balancing group?
a. It does not appear in the engine drop-down menu when configuring an integration instance
b. It must be in a load-balancing group with at least three additional members
c. It can be used separately as an engine only if directly connected to the XSOAR server
d. It must have port 443 open to allow the XSOAR server to establish a connection
Answer: C
Question No : 7
What is a benefit of user entity behavior analytics (UEBA) over security information and event management (SIEM)?
a. UEBA can add trusted signers of Windows or Mac processes to a whitelist in the Endpoint Security Manager (ESM) Console
b. UEBA establishes a secure connection in which endpoints can be routed, and it collects and forwards logs and files for analysis
c. SIEMs have difficulty detecting unknown or advanced security threats that do not involve malware, such as credential theft
d. SIEMs support only agentless scanning, not agent-based workload protection across VMs, containers, Kubernetes
Answer: C
Question No : 8
Which attack method is a result of techniques designed to gain access through vulnerabilities in the code of an operating system (OS) or application?
a. Malware
b. Exploit
c. Ransomware
d. Phishing
Answer: B
Question No : 9
Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR?
a. Registry
b. Hostname
c. Hash
d. File path
Answer: C, D
Question No : 10
An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.
What Cortex XDR Analytics alert will this activity most likely trigger?
a. Uncommon local scheduled task creation
b. Malware
c. New administrative behavior
d. DNS Tunneling
Answer: D
Question No : 11
How do sub-playbooks affect the incident Context Data?
a. When set to global, sub-playbook tasks do not have access to the root context
b. When set to private, task outputs do not automatically get written to the root context
c. When set to global, parallel task execution is allowed
d. When set to private, task outputs are automatically written to the root context
Answer: B
Question No : 12
Which process in the causality chain does the Cortex XDR agent identify as triggering an event sequence?
a. Adversary’s remote process
b. Chain’s alert initiator
c. Causality group owner
d. Relevant shell
Answer: C
Question No : 13
Cortex XDR external data ingestion processes ingest data from which sources?
a. Windows event logs only
b. Windows event logs, syslogs, and custom external sources
c. Windows event logs and syslogs only
d. Syslogs only
Answer: B
Question No : 14
What is the size of the free Cortex Data Lake instance provided to a customer who has activated a TMS tenant, but has not purchased a Cortex Data Lake instance?
a. 10 TB
b. 1 TB
c. 100 GB
d. 10 GB
Answer: C
Question No : 15
Cortex XSOAR has extracted a malicious Internet Protocol (IP) address involved in command-and-control (C2) traffic.
What is the best method to block this IP from communicating with endpoints without requiring a configuration change on the firewall?
a. Have XSOAR automatically add the IP address to a deny rule in the firewall
b. Have XSOAR automatically add the IP address to a threat intelligence management (TIM) malicious IP list to elevate priority of future alerts
c. Have XSOAR automatically add the IP address to an external dynamic list (EDL) used by the firewall
d. Have XSOAR automatically create a NetOps ticket requesting a configuration change to the firewall to block the IP