Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Palo Alto Networks Exam PCDRA Topic 12 Question 71 Discussion

Actual exam question for Palo Alto Networks's PCDRA exam
Question #: 71
Topic #: 12
[All PCDRA Questions]

The Cortex XDR console has triggered an incident, blocking a vitally important piece of software in your organization that is known to be benign. Which of the following options would prevent Cortex XDR from blocking this software in the future, for all endpoints in your organization?

Show Suggested Answer Hide Answer
Suggested Answer: D

Cortex XDR allows you to schedule reports and forward them to Slack, a cloud-based collaboration platform. You can configure the Slack channel, frequency, and recipients of the scheduled reports. You can also view the report history and status in the Cortex XDR management console.Reference:

Scheduled Queries: This document explains how to create, edit, and manage scheduled queries and reports in Cortex XDR.

Forward Scheduled Reports to Slack: This document provides the steps to configure Slack integration and forward scheduled reports to a Slack channel.


by Vanna at Jan 15, 2025, 01:28 PM

Limited Time Offer

25%

Off

Get Premium PCDRA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Abel
2 days ago
Haha, this is like a game of 'Which door will let me through?' I'm just hoping I don't end up like the goat behind the wrong door!
upvoted 0 times
...
Tuyet
15 days ago
I'm torn between B and D. A global inclusion or a global exception both sound like they could work, but I'm not sure which one is the 'correct' answer. Guess I'd better review the Cortex XDR documentation again.
upvoted 0 times
Page
4 days ago
I think a global exception would be the best option to prevent Cortex XDR from blocking the software.
upvoted 0 times
...
...
Von
1 months ago
I'm not sure, but creating an individual alert exclusion might also work, right?
upvoted 0 times
...
Lashaunda
1 months ago
Option B looks like the way to go. A global inclusion seems like the best way to ensure this software is always allowed, no matter which endpoint it's running on.
upvoted 0 times
Anastacia
User 2: Yeah, that way the software will always be allowed on all endpoints.
upvoted 0 times
...
Hildred
6 days ago
User 1: I think creating a global inclusion is the best option.
upvoted 0 times
...
...
Lisandra
1 months ago
Hmm, I think option D seems the most straightforward here. Creating a global exception should prevent Cortex XDR from blocking the software across all endpoints.
upvoted 0 times
Juan
2 days ago
That's true, but a global exception would ensure that the software is not blocked on any endpoint.
upvoted 0 times
...
Esteban
8 days ago
But wouldn't creating an individual alert exclusion be more specific to just that software?
upvoted 0 times
...
Pura
23 days ago
I agree, creating a global exception would be the best way to prevent this issue in the future.
upvoted 0 times
...
...
Tiera
1 months ago
I agree with Howard, a global exception would prevent blocking the software for all endpoints.
upvoted 0 times
...
Howard
1 months ago
I think creating a global exception would be the best option.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77