SECOPS-PRO Question #52: Real Exam Question with Answer & Explanation

The correct answer is A. File search and destroy. "File search and destroy" is generally unavailable for Linux servers in Cortex XSIAM due to the lack of native agent-based destructive capabilities on Linux endpoints.

Question

Which response action in Cortex XSIAM would be unavailable to a SOC analyst investigating an incident involving a Linux server?

Options

  • A. File search and destroy
  • B. Live Terminal session initiation
  • C. Running a script
  • D. Halting network access

Explanation

"File search and destroy" is generally unavailable for Linux servers in Cortex XSIAM due to the lack of native agent-based destructive capabilities on Linux endpoints.
