SECOPS-PRO Question #80: Real Exam Question with Answer & Explanation
Question
A large enterprise utilizes Palo Alto Networks security infrastructure, including NGFWs, Cortex XSOAR for security orchestration, automation, and response, and a centralized SIEM. An analyst discovers a critical vulnerability (CVE-2023-XXXX) affecting a widely used internal application. Threat intelligence indicates this vulnerability is being actively exploited by a known APT group. The SOC's current detection rules and playbooks within XSOAR do not explicitly cover this specific CVE. What is the most significant risk associated with this gap from a detection classification standpoint, and how should Cortex XSOAR be leveraged to mitigate it proactively?
Options
- A. The risk is a True Positive overload, as all scans for the vulnerability will generate alerts. XSOAR
- B. The risk is primarily a False Positive from misconfigured rules. XSOAR should be used to create
- C. The primary risk is a False Negative. XSOAR should be leveraged to ingest the new threat
- D. The risk is a True Negative. XSOAR should be used to ensure the vulnerability is not present on
- E. The risk is an 'unknown' state. XSOAR can only be used reactively after an incident has occurred.