Palo Alto Networks PSE-Cortex Exam - Topic 5 Question 84 Discussion

Actual exam question for Palo Alto Networks's PSE-Cortex exam
Question #: 84
Topic #: 5

An adversary attempts to communicate with malware running on a network in order to control malware activities or to exfiltrate data from the network.

Which Cortex XDR Analytics alert will this activity most likely trigger?

Suggested Answer: D

Solange
5 days ago
I practiced a similar question, and I think the malware alert is too broad. DNS Tunneling seems more specific to the scenario described.
upvoted 0 times
...
Mel
11 days ago
I’m not entirely sure, but I feel like new administrative behavior could also be relevant if the malware is trying to escalate privileges.
upvoted 0 times
...
Rodney
17 days ago
I remember studying about malware communications, and I think DNS Tunneling might be the right alert since it’s often used for data exfiltration.
upvoted 0 times
...
Rosio
22 days ago
I'm a bit confused on this one. There are a few options that seem like they could be relevant, but I'm not totally sure which one is the best fit. I'll have to review the material on malware and network security alerts again before deciding.
upvoted 0 times
...
Reita
27 days ago
Okay, I've got this. The key is that the question is specifically asking about an adversary communicating with malware, so the alert that would most likely be triggered is D. DNS Tunneling. That's the one that seems to best match the scenario described.
upvoted 0 times
...
Fletcher
1 month ago
Hmm, I'm a little unsure about this one. Could it also be something like new administrative behavior or uncommon local scheduled task creation? I'll have to think it through a bit more.
upvoted 0 times
...
Larae
1 month ago
This one seems pretty straightforward. The question is asking about an alert that would be triggered by an adversary communicating with malware, so I'm thinking the answer is probably D. DNS Tunneling.
upvoted 0 times
...
Merilyn
3 months ago
I think the answer is D. DNS Tunneling, that's the most likely activity to trigger a Cortex XDR alert in this scenario.
upvoted 0 times
Odette
2 months ago
I agree, DNS Tunneling is a common technique used by adversaries to communicate with malware.
upvoted 0 times
...
...