
SECOPS-PRO Question #4: Real Exam Question with Answer & Explanation

The correct answer is D. Analytics. The Analytics component correlates endpoint data and firewall logs to detect complex attack patterns and suspicious activity.

Question

A customer is investigating a security incident in which unusual network traffic is observed and a malicious process is identified on an endpoint. Which Cortex XDR capability assists with correlating firewall network logs and endpoint data in this environment?

Options

  • A. Log stitching
  • B. User authentication management
  • C. Indicator of compromise (IOC) rule
  • D. Analytics

Explanation

The Analytics component correlates endpoint data and firewall logs to detect complex attack patterns and suspicious activity.
