ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCDRA
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?
You can star security events in which two ways? (Choose two.)
When is the wss (WebSocket Secure) protocol used?
When reaching out to TAC for additional technical support related to a Security Event; what are two critical pieces of information you need to collect from the Agent? (Choose Two)
Why would one threaten to encrypt a hypervisor or, potentially, a multiple number of virtual machines running on a server?
What is the maximum number of agents one Broker VM local agent applet can support?
Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?
What is the Wildfire analysis file size limit for Windows PE files?
In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the singer?
What does the following output tell us?

Question 62 - PCDRA discussion

Report
Export

Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CKTM techniques.

A.
Exfiltration, Command and Control, Collection
Answers
A.
Exfiltration, Command and Control, Collection
B.
Exfiltration, Command and Control, Privilege Escalation
Answers
B.
Exfiltration, Command and Control, Privilege Escalation
C.
Exfiltration, Command and Control, Impact
Answers
C.
Exfiltration, Command and Control, Impact
D.
Exfiltration, Command and Control, Lateral Movement
Answers
D.
Exfiltration, Command and Control, Lateral Movement
Suggested answer: D

Explanation:

Cortex XDR Analytics is a feature of Cortex XDR that leverages machine learning and behavioral analytics to detect and alert on malicious activity across the network and endpoint layers. Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CKTM techniques: Exfiltration, Command and Control, Lateral Movement, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, and Collection. However, among the options given in the question, the correct answer is D, Exfiltration, Command and Control, Lateral Movement. These are three of the most critical techniques that indicate an advanced and persistent threat (APT) in the environment. Exfiltration refers to the technique of transferring data or information from the compromised system or network to an external location controlled by the adversary. Command and Control refers to the technique of communicating with the compromised system or network to provide instructions, receive data, or update malware. Lateral Movement refers to the technique of moving from one system or network to another within the same environment, usually to gain access to more resources or data. Cortex XDR Analytics can alert on these techniques by analyzing various data sources, such as network traffic, firewall logs, endpoint events, and threat intelligence, and applying behavioral models, anomaly detection, and correlation rules.Cortex XDR Analytics can also map the alerts to the corresponding MITRE ATT&CKTM techniques and provide additional context and visibility into the attack chain1234

Cortex XDR Analytics

MITRE ATT&CKTM

Cortex XDR Analytics MITRE ATT&CKTM Techniques

Cortex XDR Analytics Alert Categories

Show Answer
asked 23/09/2024
Jailson Batista
35 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms