Which resource will likely have the most heavy influence on the project?
An EDR project was initiated by a CISO. Which resource will likely have the most heavy influence on the project?
A. desktop engineer
B. SOC manager
C. SOC analyst IT
D. operations manager
Answer: B

What is the retention requirement for Cortex Data Lake sizing?
A. number of endpoints
B. number of VM-Series NGFW
C. number of days
D. logs per second
Answer: C
Explanation: https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-cortex-data-lake/set-log-storage-quota

What is the remaining configuration?
A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript). The description and current configuration of the exploit are as follows. What is the remaining configuration?
A) B) C) D) A ....

In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
A. Domain/workgroup membership
B. quarantine status
C. hostname
D. OS
E. attack threat intelligence tag
Answer: B,C,D

How does DBot score an indicator that has multiple reputation scores?
A. uses the most severe score
B. scores the reputation as undefined
C. uses the average score
D. uses the least severe score
Answer: A

In an air-gapped environment where the Docker package was manually installed after the Cortex XSOAR installation, which action allows Cortex XSOAR to access Docker?
A. create a "docker" group and add the "Cortex XSOAR" or "demisto" user to this group
B. create a "Cortex XSOAR" or "demisto" group and add...

Which deployment type supports installation of an engine on Windows, Mac OS, and Linux?
A. RPM
B. SH
C. DEB
D. ZIP
Answer: D
Explanation: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/install-deploy-and-configure-demisto-engines/create-a-new-engine.html

Which Cortex XDR Analytics alert is this activity most likely to trigger?
An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for exfiltrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger?
A. Uncommon Local Scheduled Task Creation
B. Malware
C. New Administrative...

Which two entities can be created as a BIOC? (Choose two.)
A. file
B. registry
C. event log
D. alert log
Answer: A,B
Explanation: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/cortex-xdr-indicators/working-with-biocs/create-a-bioc-rule.html

Which task allows the playbook to follow different paths based on specific conditions?
A. Conditional
B. Automation
C. Manual
D. Parallel
Answer: A