XSIAM-Analyst Exam Question 16
Which feature terminates a process during an investigation?
XSIAM-Analyst Exam Question 17
Which Cytool command will re-enable protection on an endpoint that has Cortex XDR agent protection paused?
XSIAM-Analyst Exam Question 18
An on-demand malware scan of a Windows workstation using the Cortex XDR agent is successful and detects three malicious files. An analyst attempts further investigation of the files by right-clicking on the scan result, selecting "Additional data," then "View related alerts," but no alerts are reported.
What is the reason for this outcome?
XSIAM-Analyst Exam Question 19
Which two actions will allow a security analyst to review updated commands from the core pack and interpret the results without altering the incident audit? (Choose two.)
XSIAM-Analyst Exam Question 20
Which type of alert in Cortex XSIAM is primarily based on endpoint telemetry and behavior?
