XSIAM-Analyst Exam Question 31
A user navigates to a non-malicious URL. The firewall logs contain information on the network connection, and the endpoint logs contain information on the process that triggered the connection, both of which are ingested into Cortex XSIAM.
What is the term for combining this information upon ingestion?
XSIAM-Analyst Exam Question 32
With regard to Attack Surface Rules, how often are external scans updated?
XSIAM-Analyst Exam Question 33
When a sub-playbook loops, which task tab will allow an analyst to determine what data the sub-playbook used in each iteration of the loop?
XSIAM-Analyst Exam Question 34
An incident in Cortex XSIAM contains the following series of alerts:
10:24:17 AM - Informational Severity - XDR Analytics BIOC - Rare process execution in organization
10:24:18 AM - Low Severity - XDR BIOC - Suspicious AMSI DLL load location
10:24:20 AM - Medium Severity - XDR Agent - WildFire Malware
11:57:04 AM - High Severity - Correlation - Suspicious admin account creation
Which alert was responsible for the creation of the incident?
XSIAM-Analyst Exam Question 35
Based on the image below, what are two purposes of the red error path rectangle in the playbook? (Choose two.)


