Palo_Alto_Networks
XDR-ANALYST · Question #103
XDR-ANALYST Question #103: Real Exam Question with Answer & Explanation
Sign in or unlock XDR-ANALYST to reveal the answer and full explanation for question #103. The question stem and answer options stay visible for context.
Question
As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?
Options
- ACreate Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.
- BEnable DLL Protection on all servers but there might be some false positives.
- CCreate IOCs of the malicious files you have found to prevent their execution.
- DEnable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.
Unlock XDR-ANALYST to see the answer
You've previewed enough free XDR-ANALYST questions. Unlock XDR-ANALYST for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.