← Back to exam page

PSE-Cortex Palo Alto Networks System Engineer - Cortex Professional

Loading demo links...

Showing 7–9 of 10 questions

Question 7

An administrator has a critical group of systems running Windows XP SP3 that cannot be upgraded The administrator wants to evaluate the ability of Traps to protect these systems and the word processing applications running on them

How should an administrator perform this evaluation?

Select an option, then click Submit answer.

  • Gather information about the word processing applications and run them on a Windows XP SP3 VM Determine if any of the applications are vulnerable and run the exploit with an exploitation tool

  • Run word processing exploits in a latest version of Windows VM in a controlled and isolated environment. Document indicators of compromise and compare to Traps protection capabilities

  • Run a known 2015 flash exploit on a Windows XP SP3 VM. and run an exploitation tool that acts as a listener Use the results to demonstrate Traps capabilities

  • Prepare the latest version of Windows VM Gather information about the word processing applications, determine if some of them are vulnerable and prepare a working exploit for at least one of them Execute with an exploitation tool


Question 8

If an anomalous process is discovered while investigating the cause of a security event, you can take immediate action to terminate the process or the whole process tree, and block processes from running by initiating which Cortex XDR capability?

Select an option, then click Submit answer.

  • Live Sensors

  • File Explorer

  • Log Stitching

  • Live Terminal


Question 9

When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the

REST API?

Select an option, then click Submit answer.

  • splunk-get-alerts integration command

  • Cortex XSOAR TA App for Splunk

  • SplunkSearch automation

  • SplunkGO integration