A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?
A. Open an NFS connection from the Cortex XDR console and delete the file.
B. Manually remediate the problem on the endpoint in question.
C. Open X2go from the Cortex XDR console and delete the file via X2go.
D. Initiate Remediate Suggestions to automatically delete the file.
Correct answer: D
Question 2:
Which license is required when deploying Cortex XDR agent on Kubernetes Clusters as a DaemonSet?
A. Cortex XDR Cloud per Host
B. Cortex XDR Pro per Endpoint
C. Cortex XDR Pro per TB
D. Host Insights
Correct answer: A
Question 3:
What is the outcome of creating and implementing an alert exclusion?
A. The Cortex XDR agent will not create an alert for this event in the future.
B. The Cortex XDR agent will allow the process that was blocked to run on the endpoint.
C. The Cortex XDR console will delete those alerts and block ingestion of them in the future.
D. The Cortex XDR console will hide those alerts.
Correct answer: D
Question 4:
What is the standard installation disk space recommended to install a Broker VM?
A. 2GB disk space
B. 1GB disk space
C. 512GB disk space
D. 256GB disk space
Correct answer: D
Question 5:
As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?
A. Create Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.
B. Create IOCs of the malicious files you have found to prevent their execution.
C. Enable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.
D. Enable DLL Protection on all servers but there might be some false positives.
Correct answer: A
Fukuzawa -
You can get a passing score with this. It is at a level where memorizing just the questions is enough. Pass4Test is trustworthy.