PCDRA Question #28: Real Exam Question with Answer & Explanation
The correct answer is B: Cortex XDR Analytics does not interfere with the pattern as soon as it is observed on the endpoint.
Question
Network attacks follow predictable patterns. If you interfere with any portion of this pattern, the attack will be neutralized. Which of the following statements is correct?
Options
- A. Cortex XDR Analytics allows to interfere with the pattern as soon as it is observed on the firewall.
- B. Cortex XDR Analytics does not interfere with the pattern as soon as it is observed on the endpoint.
- C. Cortex XDR Analytics does not have to interfere with the pattern as soon as it is observed on the
- D. Cortex XDR Analytics allows to interfere with the pattern as soon as it is observed on the endpoint.
Explanation
Cortex XDR Analytics is a behavioral analytics engine that collects and correlates data across endpoints, firewalls, and other sources to detect attack patterns over time. It does NOT block or interfere with activity the instant a single indicator appears on an endpoint. Instead, it builds a picture of the full attack chain from aggregated telemetry. This is why B is correct: the Analytics module does not interfere with the pattern the moment it is first observed on the endpoint - it needs sufficient pattern data before generating an alert or response.