nerdexam
Palo_Alto_Networks

PCCSE · Question #9

A customer does not want alerts to be generated from network traffic that originates from trusted internal networks. Which setting should you use to meet this customer's request?

The correct answer is A. Anomaly Trusted List. The Anomaly Trusted List in Prisma Cloud allows administrators to define trusted IP addresses, CIDRs, or networks so that anomaly detection policies do not generate alerts for traffic originating from those sources. This is specifically designed to suppress false-positive anomaly

Cloud Network Security

Question

A customer does not want alerts to be generated from network traffic that originates from trusted internal networks. Which setting should you use to meet this customer's request?

Options

  • AAnomaly Trusted List
  • BTrusted Alert IP Addresses
  • CEnterprise Alert Disposition
  • DTrusted Login IP Addresses

How the community answered

(47 responses)
  • A
    87% (41)
  • B
    6% (3)
  • C
    4% (2)
  • D
    2% (1)

Explanation

The Anomaly Trusted List in Prisma Cloud allows administrators to define trusted IP addresses, CIDRs, or networks so that anomaly detection policies do not generate alerts for traffic originating from those sources. This is specifically designed to suppress false-positive anomaly alerts from known-good internal traffic. Option B (Trusted Alert IP Addresses) is not a standard Prisma Cloud feature name. Option C (Enterprise Alert Disposition) controls global alert behavior but not source-based suppression. Option D (Trusted Login IP Addresses) is used to whitelist IPs for administrative login access, not for suppressing network anomaly alerts.

Topics

#Network Security#Alert Management#Anomaly Detection#Traffic Whitelisting

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice