What is the purpose of the Cortex Data Lake?
a local storage facility where your logs and alert data can be aggregated
a cloud-based storage facility where your firewall logs are stored
the interface between firewalls and the Cortex XDR agents
the workspace for your Cortex XDR agents to detonate potential malware files
What is the function of WildFire for Cortex XDR?
WildFire runs in the cloud and analyses alert data from the XDR agent to check for behavioural threats.
WildFire is the engine that runs on the local agent and determines whether behavioural threats are occurring on the endpoint.
WildFire accepts and analyses a sample to provide a verdict.
WildFire runs entirely on the agent to quickly analyse samples and provide a verdict.
What is the outcome of creating and implementing an alert exclusion?
The Cortex XDR agent will allow the process that was blocked to run on the endpoint.
The Cortex XDR console will hide those alerts.
The Cortex XDR agent will not create an alert for this event in the future.
The Cortex XDR console will delete those alerts and block ingestion of them in the future.
Which statement best describes how Behavioral Threat Protection (BTP) works?
BTP injects into known vulnerable processes to detect malicious activity.
BTP runs on the Cortex XDR and distributes behavioral signatures to all agents.
BTP matches EDR data with rules provided by Cortex XDR.
BTP uses machine learning to recognize malicious activity even if it is not known.