Which two types of lOCs are available for creation in Cortex XDR? (Choose two.)

• A.IP
• B.registry entry
• C.endpoint hostname
• D.domain

Comment: *

Name: *

Email: *

Verification: *

The certificate used for decryption was installed as a trusted toot CA certificate to ensure communication between the Cortex XDR Agent and Cortex XDR Management Console.What action needs to be taken if the administrator determines the Cortex XDR Agents are not communicating with the Cortex XDR Management Console?

• A.disable SSL decryption
• B.enable SSL decryption
• C.reinstall the root CA certificate
• D.add paloaltonetworks.com to the SSL Decryption Exclusion list

Comment: *

Name: *

Email: *

Verification: *

What is the retention requirement for Cortex Data Lake sizing?

• A.number of endpoints
• B.number of VM-Series NGFW
• C.number of days
• D.logs per second

Comment: *

Name: *

Email: *

Verification: *

Which three Demisto incident type features can be customized under Settings > Advanced > Incident Types? (Choose three.)

• A.Drop new incidents of the same type that contain similar information
• B.Define whether a playbook runs automatically when an incident type is encountered
• C.Set reminders for an incident SLA
• D.Add new fields to an incident type
• E.Define the way that incidents of a specific type are displayed in the system

Comment: *

Name: *

Email: *

Verification: *

A test for a Microsoft exploit has been planned. After some research Internet Explorer 11 CVE-2016-0189 has been selected and a module in Metasploit has been identified (exploit/windows/browser/ms16_051_vbscript) The description and current configuration of the exploit are as follows;

What is the remaining configuration?
A)

B)

C)

D)

• A.Option D
• B.Option C
• C.Option B
• D.Option A

Comment: *

Name: *

Email: *

Verification: *