Palo Alto Networks
PCCSE · Question #235
PCCSE Question #235: Real Exam Question with Answer & Explanation
The correct answer is D: To correlate individual events to identify potential attacks and provide a sequence of process, file. See the full explanation below for the reasoning.
Security Operations and Incident Response
Question
What is the purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section?
Options
- A. To store large amounts of forensic data on the host where Console runs to enable a more rapid
- B. To sort through large amounts of audit data manually in order to identify developing attacks
- C. To identify and suppress all audit events generated by the defender
- D. To correlate individual events to identify potential attacks and provide a sequence of process, file
Topics
#Prisma Cloud Compute Monitoring #Incident Explorer #Event Correlation #Attack Detection