Palo_Alto_Networks
SECOPS-PRO · Question #54
SECOPS-PRO Question #54: Real Exam Question with Answer & Explanation
Sign in or unlock SECOPS-PRO to reveal the answer and full explanation for question #54. The question stem and answer options stay visible for context.
Question
Which action should an administrator take to create automated response actions when a user account is compromised, allowing attacker to upload data to an external IP address and infect a machine on the company network with malware?
Options
- ACreate automation rules in Cortex XDR that will trigger for each alert.
- BCreate a script in Cortex XSOAR that will run a playbook based on the scenario.
- CCreate playbook triggers in Cortex XSIAM and run playbooks for each alert.
- DMap the events as type of Cortex XSOAR incident, then run a playbook.
Unlock SECOPS-PRO to see the answer
You've previewed enough free SECOPS-PRO questions. Unlock SECOPS-PRO for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.