Palo Alto Networks System Engineer Professional - Cortex

Here you have the best Palo Alto Networks PSE-Cortex practice exam questions

You have 49 total questions to study from
Each page has 5 questions, making a total of 10 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on May 27, 2025
This site is not affiliated with or endorsed by Palo Alto Networks.

Question 1 of 49

What does the Cortex XSOAR "Saved by Dbot" widget calculate?

amount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents

amount saved in Dollars by using Cortex XSOAR instead of other products

amount of time saved by each playbook task within an incident

amount of time saved by Dbot's machine learning (ML) capabilities

Correct Answer: D

The Cortex XSOAR 'Saved by Dbot' widget calculates the amount of time saved by Dbot's machine learning (ML) capabilities. This widget helps to understand the efficiency and time-optimization benefits gained from the automation and intelligence provided by Dbot within the Cortex XSOAR platform.

Question 2 of 49

Which Cortex XDR agent capability prevents loading malicious files from USB-connected removable equipment?

agent management

device control

agent configuration

device customization

Correct Answer: B

Question 3 of 49

Which type of log is ingested natively in Cortex XDR Pro per TB?

Google Kubernetes Engine

Demisto

Docker

Microsoft Office 365

Correct Answer: D

Question 4 of 49

An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.

Which Cortex XDR Analytics alert will this activity most likely trigger?

uncommon local scheduled task creation

malware

new administrative behavior

DNS Tunneling

Correct Answer: D

Question 5 of 49

How do sub-playbooks affect the Incident Context Data?

When set to private, task outputs do not automatically get written to the root context.

When set to global, sub-playbook tasks do not have access to the root context.

When set to global, parallel task execution is allowed.

When set to private, task outputs are automatically written to the root context.

Correct Answer: A

When a sub-playbook is set to private, task outputs do not automatically get written to the root context. This means that the outputs from the tasks within the sub-playbook are isolated and will not interfere with or modify the main incident context data directly. This mechanism helps to control the scope and impact of the playbook’s execution, ensuring that only relevant data is shared with the root context as needed.