Question 1

Which statement is correct based on the report output below?

Options :

A : Host Inventory Data Collection is enabled.

B : 3,297 total incidents have been detected.

C : Forensic inventory data collection is enabled.

D : 133 agents have full disk encryption.

Answer: C

Question 2

Which of the following represents a common sequence of cyber-attack tactics?

Options :

A : Actions on the objective Â» Reconnaissance Â» Weaponization & Delivery Â» Exploitation Â»Installation Â» Command & Control

B : Installation >> Reconnaissance Â» Weaponization & Delivery Â» Exploitation Â» Command & Control Â»Actions on the objective

C : Reconnaissance Â» Weaponization & Delivery Â» Exploitation Â» Installation Â» Command & Control Â»Actions on the objective

D : Reconnaissance >> Installation Â» Weaponization & Delivery Â» Exploitation Â» Command & Control Â»Actions on the objective

Answer: C

Question 3

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?

Options :

A : Hash Verdict Determination

B : Behavioral Threat Protection

C : Restriction Policy

D : Child Process Protection

Answer: A

Question 4

To create a BIOC rule with XQL query you must at a minimum filter on which field in order for it to be a valid BIOC rule?

Options :

A : causality_chain

B : endpoint_name

C : threat_event

D : event_type

Answer: D

Question 5

Which license is required when deploying Cortex XDR agent on Kubernetes Clusters as a DaemonSet?

Options :

A : Cortex XDR Pro per TB

B : Host Insights

C : Cortex XDR Pro per Endpoint

D : Cortex XDR Cloud per Host

Answer: D

Free XDR-Analyst Mock Exam – Practice Online Confidently