What is the cause when alerts generated by a correlation rule are not creating an incident?

• A.The rule is configured with alert severity below Medium.
• B.The rule does not have a drill-down query configured
• C.The rule has alert suppression enabled
• D.The rule is using the preconfigured Cortex XSIAM alert field mapping.

Comment: *

Name: *

Email: *

Verification: *

A ransomware alert triggers a playbook. What automated responses would be suitable?
Response:

• A.Initiate file quarantine
• B.Block related hash across the environment
• C.Alert legal counsel
• D.Trigger data encryption

Comment: *

Name: *

Email: *

Verification: *

Which type of analytics will trigger the alert on the image shown?

• A.Contextual
• B.Baseline
• C.Behavioral
• D.Anomaly

Comment: *

Name: *

Email: *

Verification: *

Match the alert type to its primary detection method:
Alert Type
A) IOC
B) BIOC
C) Correlation
D) XDR Agent
Detection Method
1. Known bad indicator match
2. Behavioral anomalies in endpoint logs
3. Multi-source activity correlation
4. Native agent telemetry generation
Response:

• A.A-1, B-3, C-2, D-4
• B.A-1, B-2, C-3, D-4
• C.A-1, B-2, C-4, D-3
• D.A-4, B-2, C-3, D-1

Comment: *

Name: *

Email: *

Verification: *

Matching - ASM Use Case to Feature
Use Case
A) Identify exposed CVEs
B) Review vulnerable asset details
C) Investigate active threat paths
D) Monitor evolving service risks
Feature
1. Attack surface rules
2. Asset inventory
3. Threat response center
4. Continuous ASM scans
Response:

• A.A-1, B-3, C-2, D-4
• B.A-1, B-2, C-3, D-4
• C.A-1, B-4, C-3, D-2
• D.A-4, B-2, C-3, D-1

Comment: *

Name: *

Email: *

Verification: *