Exam PSE-Cortex topic 1 question 28 discussion

Actual exam question from Palo Alto Networks's PSE-Cortex
Question #: 28
Topic #: 1

Which two areas of Cortex XDR are used for threat hunting activities? (Choose two.)

  • A. indicators of compromise (IOC) rules
  • B. query builder
  • C. live terminal
  • D. host insights module
Suggested Answer: BD

Comments

garcem
9 months, 2 weeks ago
B, C are correct. To investigate and respond to security events on endpoints, you can use the Live Terminal to initiate a remote connection to an endpoint. With flexible XQL search, you can unearth almost any threat using a broad set of search commands and options. XQL search allows you to find adversary tactics across the attack lifecycle and hunt down stealthy attack behaviors by constructing laser-precise queries. You can also search for indicators of compromise (IoCs) in your data to reveal malicious activity that might otherwise be virtually impossible to find.
upvoted 3 times
...
5688ac9
9 months, 3 weeks ago
Selected Answer: BC
B, C are correct
upvoted 2 times
...
TeachTrooper
11 months ago
B & C should be correct
upvoted 4 times
...
Community vote distribution: A (35%), C (25%), B (20%), Other