A test for a Microsoft exploit has been planned. After some research, Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript).
The description and current configuration of the exploit are as follows:
What is the remaining configuration?
A)
B)
C)
D)
Which statement applies to the malware protection flow in Cortex XDR Prevent?
Why is Premium Customer Success an important part of any Cortex bill of materials?
Which feature of Cortex Xpanse allows it to identify previously unknown assets?
Why is reputation scoring important in the Threat Intelligence Module of Cortex XSOAR?
A Cortex XSOAR customer wants to ingest emails from a single mailbox. The mailbox brings in reported phishing emails and email requests from human resources (HR) to onboard new users. The customer wants to run two separate workflows from this mailbox, one for phishing and one for onboarding.
What will allow Cortex XSOAR to accomplish this in the most efficient way?
What are the key capabilities of the ASM for Remote Workers module?
How does Cortex XSOAR automation save time when a phishing incident occurs?
Within Cortex XSIAM, how does the integration of Attack Surface Management (ASM) provide a unified approach to security event management that traditional SIEMs typically lack?
For which two purposes can Cortex XSOAR engines be deployed? (Choose two.)
Which two Cortex XSOAR incident type features can be customized under Settings > Advanced > Incident Types? (Choose two.)
During the TMS instance activation, a tenant (Customer) provides the following information for the fields in the Activation - Step 2 of 2 window.
During the service instance provisioning, which three DNS host names are created? (Choose three.)
How does a clear understanding of a customer’s technical expertise assist in a hand off following the close of an opportunity?
The Cortex XDR management service requires which other Palo Alto Networks product?
When a Demisto Engine is part of a Load-Balancing group it?
Which source provides data for Cortex XDR?
In the DBotScore context field, which context key would differentiate between multiple entries for the same indicator in a multi-TIP environment?
What is a key difference between audit users and full users in Cortex XSOAR?
When integrating with Splunk, what will allow you to push alerts into Cortex XSOAR via the REST API?
Which element displays an entire picture of an attack, including the root cause or delivery point?
A customer wants the main Cortex XSOAR server installed in one site and wants to integrate with three other technologies in a second site.
What communications are required between the two sites if the customer wants to install a Cortex XSOAR engine in the second site?
Given the integration configuration and error in the screenshot, what is the cause of the problem?
What is the primary purpose of Cortex XSIAM’s machine learning led design?
What is a requirement when integrating Cortex XSIAM or Cortex XDR with other Palo Alto Networks products?
What is the size of the free Cortex Data Lake instance provided to a customer who has activated a TMS tenant, but has not purchased a Cortex Data Lake instance?
Which Cortex XDR capability extends investigations to an endpoint?
What is the difference between the intel feed’s license quotas of Cortex XSOAR Starter Edition and Cortex XSOAR (SOAR + TIM)?
Cortex XSOAR has extracted a malicious Internet Protocol (IP) address involved in command-and-control (C2) traffic.
What is the best method to block this IP from communicating with endpoints without requiring a configuration change on the firewall?
Which integration allows data to be pushed from Cortex XSOAR into Splunk?
Which consideration should be taken into account before deploying Cortex XSOAR?
Which statement applies to the malware protection flow of the endpoint agent in Cortex XSIAM?
What is the difference between an exception and an exclusion?
Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR? (Choose two.)
Which two filter operators are available in Cortex XDR? (Choose two.)
A prospective customer is interested in Cortex XDR but is unable to run a product evaluation.
Which tool can be used instead to showcase Cortex XDR?
Which CLI query would bring back Notable Events from Splunk?
A)
B)
C)
D)
Which command-line interface (CLI) query would retrieve the last three Splunk events?
What should be configured for a Cortex XSIAM customer who wants to automate the response to certain alerts?
Which two troubleshooting steps should be taken when an integration is failing to connect? (Choose two.)
What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?
In Cortex XDR Prevent, which three matching criteria can be used to dynamically group endpoints? (Choose three.)
What is a benefit of user entity behavior analytics (UEBA) over security information and event management (SIEM)?
Which Cortex XSIAM feature can be used to onboard data sources?
What does Cortex Xpanse ingest from XDR endpoints?
A prospect has agreed to do a 30-day POC and asked to integrate with a product that Demisto currently does not have an integration with. How should you respond?
An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.
Which Cortex XDR Analytics alert will this activity most likely trigger?
Cortex XSOAR has extracted a malicious IP address involved in command-and-control traffic.
What is the best method to automatically block this IP from communicating with endpoints without requiring a configuration change on the firewall?
Which two methods does the Cortex XDR agent use to identify malware during a scheduled scan? (Choose two.)
What is the primary mechanism for the attribution of attack surface data in Cortex Xpanse?
Which statement applies to the differentiation of Cortex XDR from security information and event management (SIEM)?