A customer wants to modify the retention periods of their Threat logs in Cortex Data Lake.

Where would the user configure the ratio of storage for each log type?

A.

Within the TMS, create an agent settings profile and modify the Disk Quota value

B.

It is not possible to configure Cortex Data Lake quota for specific log types.

C.

Go to the Cortex Data Lake App in Cloud Services, then choose Configuration and modify the Threat Quota

D.

Write a GPO for each endpoint agent to check in less often

What is the requirement for enablement of endpoint and network analytics in Cortex XDR?

A.

Cloud Identity Engine configured and enabled

B.

Network Mapper applet on the Broker VM configured and enabled

C.

Logs from at least 30 endpoints over a minimum of two weeks

D.

Windows DHCP logs ingested via a Cortex XDR collector

Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR? (Choose two.)

A.

registry

B.

file path

C.

hash

D.

hostname

What is the function of reputation scoring in the Threat Intelligence Module of Cortex XSIAM?

A.

It provides a statistical model for combining scores from multiple vendors

B.

It resolves conflicting scores from different vendors with the same indicator.

C.

It allows for comparison between open-source intelligence and paid services.

D.

It helps identify threat feed vendors with invalid content.

Which task setting allows context output to a specific key?

A.

extend context

B.

stop on errors

C.

task output

D.

lags

How can Cortex XSOAR save time when a phishing incident occurs?

A.

It can automatically email staff to warn them about the phishing attack and show them a copy of the email.

B.

It can automatically respond to the phishing email to unsubscribe from future emails.

C.

It can automatically purge the email from user mailboxes in which it has not yet been opened.

D.

It can automatically identify every mailbox that received the phish and create corresponding cases for them.

On a multi-tenanted v6.2 Cortex XSOAR server, which path leads to the server.log for "Tenant1"?

A.

/var/log/demisto/acc_Tenant1/server.log

B.

/var/log/demisto/Tenant1/server.log

C.

/var/lib/demisto/acc_Tenant1/server.log

D.

/var/lib/demisto/server.log

When analyzing logs for indicators, which are used for only BIOC identification?

A.

observed activity

B.

artifacts

C.

techniques

D.

error messages

"Bob" is a Demisto user. Which command is used to add "Bob" to an investigation from the War Room CLI?

A.

#Bob

B.

/invite Bob

C.

@Bob

D.

!invite Bob

What does the Cortex XSOAR "Saved by Dbot" widget calculate?

A.

amount saved in Dollars according to actions carried out by all users in Cortex XSOAR across all incidents

B.

amount saved in Dollars by using Cortex XSOAR instead of other products

C.

amount of time saved by each playbook task within an incident

D.

amount of time saved by Dbot's machine learning (ML) capabilities