Which two areas of Cortex XDR are used for threat hunting activities? (Choose two.)
Which two areas of Cortex XDR are used for threat hunting activities? (Choose two.)
Threat hunting activities within Cortex XDR leverage the Query Builder and Live Terminal. The Query Builder is used to craft specific and tailored queries to search for and identify potential threats within the data. The Live Terminal provides a direct and interactive way to investigate and respond to security events on endpoints by initiating a remote connection to the endpoint, allowing deeper inspection and immediate remediation actions.
B & C should be correct
B, C are correct To investigate and respond to security events on endpoints, you can use the Live Terminal to initiate a remote connection to an endpoint. With flexible XQL search, you can unearth almost any threat using a broad set of search commands and options. XQL search allows you to find adversary tactics across the attack lifecycle and hunt down stealthy attack behaviors by constructing laser-precise queries. You can also search for indicators of compromise (IoCs) in your data to reveal malicious activity that might otherwise be virtually impossible to find
B,C are correct