What is one way to add an exception for the singer?
In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the singer?A . In the Restrictions Profile, add the file name and path to the Executable Files allow...
Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?
Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?A . Security Manager DashboardB . Data Ingestion DashboardC . Security Admin DashboardD . Incident Management DashboardView AnswerAnswer: D Explanation: The Incident Management Dashboard provides a high-level overview...
Which license is required when deploying Cortex XDR agent on Kubernetes Clusters as a DaemonSet?
Which license is required when deploying Cortex XDR agent on Kubernetes Clusters as a DaemonSet?A . Cortex XDR Pro per TBB . Host InsightsC . Cortex XDR Pro per EndpointD . Cortex XDR Cloud per HostView AnswerAnswer: D Explanation: When deploying Cortex XDR agent on Kubernetes clusters as a DaemonSet,...
What functionality of the Broker VM would you use to ingest third-party firewall logs to the Cortex Data Lake?
What functionality of the Broker VM would you use to ingest third-party firewall logs to the Cortex Data Lake?A . Netflow CollectorB . Syslog CollectorC . DB CollectorD . PathfinderView AnswerAnswer: B Explanation: The Broker VM is a virtual machine that acts as a data broker between third-party data sources...
With a Cortex XDR Prevent license, which objects are considered to be sensors?
With a Cortex XDR Prevent license, which objects are considered to be sensors?A . Syslog serversB . Third-Party security devicesC . Cortex XDR agentsD . Palo Alto Networks Next-Generation FirewallsView AnswerAnswer: C Explanation: The objects that are considered to be sensors with a Cortex XDR Prevent license are Cortex XDR...
What kind of the threat typically encrypts user files?
What kind of the threat typically encrypts user files?A . ransomwareB . SQL injection attacksC . Zero-day exploitsD . supply-chain attacksView AnswerAnswer: A Explanation: Ransomware is a type of malicious software, or malware, that encrypts user files and prevents them from accessing their data until they pay a ransom. Ransomware...
Which statement is true based on the following Agent Auto Upgrade widget?
Which statement is true based on the following Agent Auto Upgrade widget? A . There are a total of 689 Up To Date agents.B . Agent Auto Upgrade was enabled but not on all endpoints.C . Agent Auto Upgrade has not been enabled.D . There are more agents in Pending...
What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.)
What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.)A . Automatically close the connections involved in malicious traffic.B . Automatically kill the processes involved in malicious activity.C . Automatically terminate the threads involved in malicious activity.D . Automatically block the...
In the deployment of which Broker VM applet are you required to install a strong cipher SHA256-based SSL certificate?
In the deployment of which Broker VM applet are you required to install a strong cipher SHA256-based SSL certificate?A . Agent ProxyB . Agent Installer and Content CachingC . Syslog CollectorD . CSV CollectorView AnswerAnswer: B Explanation: The Agent Installer and Content Caching applet of the Broker VM is used...
What does the following output tell us?
What does the following output tell us? A . There is one low severity incident.B . Host shpapy_win10 had the most vulnerabilities.C . There is one informational severity alert.D . This is an actual output of the Top 10 hosts with the most malware.View AnswerAnswer: D Explanation: The output shows...