
Palo Alto Networks PSE-Cortex Exam - Topic 1 Question 25 Discussion

Actual exam question for Palo Alto Networks's PSE-Cortex exam
Question #: 25
Topic #: 1

An adversary is attempting to communicate with malware running on your network for the purpose of controlling malware activities or for exfiltrating data from your network. Which Cortex XDR Analytics alert is this activity most likely to trigger?

Suggested Answer: B

Rashad
4 months ago
Wow, I didn't even know DNS Tunneling was a thing!
upvoted 0 times
...
Lauran
4 months ago
Wait, are we sure it's not C? New Admin Behavior could fit too.
upvoted 0 times
...
Lavera
4 months ago
Definitely B, that's the most direct alert for this.
upvoted 0 times
...
Lashon
4 months ago
I think D, DNS Tunneling makes more sense here.
upvoted 0 times
...
Barbra
4 months ago
I'm pretty sure it's B, Malware.
upvoted 0 times
...
Suzi
5 months ago
I'm leaning towards "Uncommon Local Scheduled Task Creation" because it seems like a way to maintain persistence, but I could be mixing up the details.
upvoted 0 times
...
Daniela
5 months ago
I practiced a similar question, and I think "New Administrative Behavior" could be relevant if the malware is trying to escalate privileges.
upvoted 0 times
...
Eric
5 months ago
I remember studying about malware alerts, and I feel like "Malware" is too broad. It could apply to many situations, right?
upvoted 0 times
...
Barbra
5 months ago
I think the alert for DNS Tunneling might be the right choice since it involves communication with external servers, but I'm not entirely sure.
upvoted 0 times
...
Isaac
5 months ago
Hmm, I'm not too familiar with Huawei's specific service offerings. I'll need to think this through and try to eliminate the options that don't seem to match the question.
upvoted 0 times
...
Eleni
5 months ago
This is a tricky one. I'm not super familiar with the Backup Exec DLM feature, so I'll need to rely on my general knowledge and process of elimination to try and figure this out. Let me think through the options...
upvoted 0 times
...
Kristin
5 months ago
This is a good question to test our understanding of object-oriented design principles. I'll need to weigh the tradeoffs between a single point of reference and the benefits of modularization.
upvoted 0 times
...
