Which Cortex XDR agent capability prevents loading malicious files from USB-connected removable equipment?
a. Device control
b. Agent management
c. Agent configuration
d. Device customization
Answer: A
What is the appropriate response to the customer?
A customer agrees to do a 30-day proof of concept (POC) and wants to integrate with a product with which Cortex XSOAR is not currently integrated. What is the appropriate response to the customer?
a. Extend the POC window to allow the solution architects to build it
b. Explain that...
Cortex XDR external data ingestion processes ingest data from which sources?
a. Windows event logs only
b. Windows event logs, syslogs, and custom external sources
c. Windows event logs and syslogs only
d. Syslogs only
Answer: B
What communications are required between the two sites if the customer wants to install a Cortex XSOAR engine in the second site?
A customer wants the main Cortex XSOAR server installed in one site and wants to integrate with three other technologies in a second site. What communications are required between the two sites if the customer wants to install a Cortex XSOAR engine in the second site?
a. The Cortex XSOAR...
Which process in the causality chain does the Cortex XDR agent identify as triggering an event sequence?
a. Adversary’s remote process
b. Chain’s alert initiator
c. Causality group owner
d. Relevant shell
Answer: C
Which task setting allows context output to a specific key?
a. Extend context
b. Task output
c. Stop on errors
d. Tags
Answer: A
Which command is used to add Cortex XSOAR “User1” to an investigation from the War Room?
a. #Invite User1
b. @User1
c. #User1
d. !Invite User1
Answer: B
What Cortex XDR Analytics alert will this activity most likely trigger?
An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network. What Cortex XDR Analytics alert will this activity most likely trigger?
a. Uncommon local scheduled task creation
b. Malware
c. New administrative behavior
d. DNS Tunneling
How do sub-playbooks affect the incident Context Data?
a. When set to global, sub-playbook tasks do not have access to the root context
b. When set to private, task outputs do not automatically get written to the root context
c. When set to global, parallel task execution is allowed
d. ...
Which attack method is a result of techniques designed to gain access through vulnerabilities in the code of an operating system (OS) or application?
a. Malware
b. Exploit
c. Ransomware
d. Phishing
Answer: B