Palo Alto Networks
SECOPS-PRO · Question #66
Question
A Security Operations Center (SOC) using Cortex XDR observes a high-severity alert indicating a potential ransomware attack. The alert details include a specific file hash (SHA256: e3bOc44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855) associated with a suspicious process. Which of the following Cortex XDR and Cortex XSOAR capabilities would be most effective in leveraging this file indicator for rapid investigation and containment?
Options
- A. Automatically querying AutoFocus for intelligence on the file hash to determine its reputation and
- B. Using the file hash in a Cortex XDR 'Live Terminal' session to remotely delete the suspicious file
- C. Configuring a custom 'Exclusion' in Cortex XDR for this specific file hash to prevent future alerts.
- D. Leveraging a Cortex XSOAR playbook to initiate a 'War Room' discussion with the incident
- E. Submitting the file hash to the public VirusTotal API and awaiting a community verdict before