
Question 29/35

An administrator is alerted to a Suspicious Process Creation security event from multiple users.
The users believe that these events are false positives. Which two steps should the administrator take to confirm the false positives and create an exception? (Choose two.)

Question List (35q)
Question 1: Which task allows the playbook to follow different paths bas...
Question 2: If you have a playbook task that errors out, where could you...
Question 3: Given the exception thrown in the accompanying image by the ...
Question 4: The images show two versions of the same automation script a...
Question 5: If you have a playbook task that errors out, where could you...
Question 6: Which two entities can be created as a BIOC? (Choose two.)...
Question 7: An EDR project was initiated by a CISO. Which resource will ...
Question 8: Which two types of IOCs are available for creation in Cortex...
Question 9: The certificate used for decryption was installed as a trust...
Question 10: When integrating with Splunk, what will allow you to push al...
Question 11: In Cortex XDR Prevent, which three matching criteria can be ...
Question 12: When a Demisto Engine is part of a Load-Balancing group it?...
Question 13: The prospect is deciding whether to go with a phishing or a ...
Question 14: Which Cortex XDR Agent capability prevents loading malicious...
Question 15: Cortex XDR can schedule recurring scans of endpoints for mal...
Question 16: What method does the Traps agent use to identify malware dur...
Question 17: How does an "inline" auto-extract task affect playbook execu...
Question 18: How do sub-playbooks affect the Incident Context Data?...
Question 19: A test for a Microsoft exploit has been planned. After some ...
Question 20: Which two filter operators are available in Cortex XDR? (Cho...
Question 21: What are two manual actions allowed on War Room entries? (Ch...
Question 22: When a Demisto Engine is part of a Load-Balancing group it?...
Question 23: In an Air-Gapped environment where the Docker package was ma...
Question 24: What is the difference between an exception and an exclusion...
Question 25: The customer has indicated they need EDR data collection cap...
Question 26: In Cortex XDR Prevent, which three matching criteria can be ...
Question 27: An administrator of a Cortex XDR protected production enviro...
Question 28: Which three Demisto incident type features can be customized...
Question 29: An Administrator is alerted to a Suspicious Process Creation...
Question 30: How do sub-playbooks affect the Incident Context Data?...
Question 31: When integrating with Splunk, what will allow you to push al...
Question 32: Given the integration configuration and error in the screens...
Question 33: Which deployment type supports installation of an engine on ...
Question 34: Given the integration configuration and error in the screens...
Question 35: An administrator of a Cortex XDR protected production enviro...