XSIAM-Analyst Exam Question 26
Which pane in the User Risk View will identify the country from which a user regularly logs in, based on the past few weeks of data?
XSIAM-Analyst Exam Question 27
An alert involves credential dumping. Reviewing the causality chain, you notice the following:
- lsass.exe is accessed by powershell.exe
- Prior to this, cmd.exe launched the PowerShell script
What can you infer?
- lsass.exe is accessed by powershell.exe
- Prior to this, cmd.exe launched the PowerShell script
What can you infer?
XSIAM-Analyst Exam Question 28
In which two ways can scheduled XQL queries be made to run efficiently? (Choose two.)
XSIAM-Analyst Exam Question 29
Which option allows continuous monitoring and triage of evolving threats?
XSIAM-Analyst Exam Question 30
A Cortex XSIAM analyst is reading a blog that references an unfamiliar critical zero-day vulnerability. This vulnerability has been weaponized, and there is evidence that it is being exploited by threat actors targeting a customer's industry.
Where can the analyst go within Cortex XSIAM to learn more about this vulnerability and any potential impacts on the customer environment?
Where can the analyst go within Cortex XSIAM to learn more about this vulnerability and any potential impacts on the customer environment?
