Palo Alto Networks System Engineer – Cortex — Question 71
Which two entities can be created as a behavioral indicator of compromise (BIOC)? (Choose two.)
Answer options
- A. process
- B. data
- C. event alert
- D. network
Correct answer: A, D
Explanation
The correct answers are 'process' and 'network' because these can indicate abnormal behavior associated with compromises. 'Data' and 'event alert' do not inherently represent behaviors, making them less suitable as indicators of compromise.