Q: 2
Which Cortex XDR feature allows hunting queries to be repeated automatically?
Options
Discussion
Its A based on what I remember from the docs and some official practice tests. Scheduled queries are the only ones that support auto-repeat for threat hunting, the others don’t schedule anything. Pretty sure but open to debate.
Its A, but if the question meant only saving queries instead of running them automatically, would it be B?
Its B here, since Query Library is where you manage and reuse hunting queries. I thought "automatically" might mean it's running by itself, but the library lets you repeat/launch saved queries whenever needed, so pretty sure that's what they mean. If they wanted automation specifically, they'd say schedule. Let me know if I'm missing something.
B
A tbh, unless they mean "repeat" as in manual re-running not actual automation, then it'd flip.
A makes the most sense. Scheduled queries are what lets XDR run hunting logic on a recurring basis, not just a one-off. Other options like B (query library) just save the query, they don’t automate anything. Pretty sure but correct me if I’m missing something.
A had something like this in a mock. The scheduled queries option matches the "repeated automatically" part.
Probably A for this. Scheduled queries do the repeat automatically bit, not just saving or showing queries like B or C.
A , saw something similar in an official guide and practice test. That feature is all about automating the hunt process.
A
Be respectful. No spam.
