When initiated, which Cortex XDR capability allows immediate termination of the process or whole process tree on an anomalous process discovered during investigation of a security event?
d
Which integration allows searching and displaying Splunk results within Cortex XSOAR?
a
What is the size of the free Cortex Data Lake instance provided to a customer who has activated a TMS tenant, but has not purchased a Cortex Data Lake instance?
b
What is used to display only file entries in a War Room?
c
A customer has purchased Cortex Data Lake storage with the following configuration, which requires 2 TB of Cortex Data Lake to order: support for 300 total Cortex XDR clients all forwarding Cortex XDR data with 30-day retention storage for higher fidelity logs to support Cortex XDR advanced analytics
The customer now needs 1000 total Cortex XDR clients, but continues with 300 clients forwarding Cortex XDR data with 30-day retention.
What is the new total storage requirement for Cortex Data Lake storage to order?
b
An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.
Which Cortex XDR Analytics alert will this activity most likely trigger?
d
Which two methods does the Cortex XDR agent use to identify malware during a scheduled scan? (Choose two.)
ab
Which statement applies to the malware protection flow in Cortex XDR Prevent?
a
A Cortex XSOAR customer has a phishing use case in which a playbook has been implemented with one of the steps blocking a malicious URL found in an email reported by one of the users.
What would be the appropriate next step in the playbook?
c
How do sub-playbooks affect the Incident Context Data?
a