Palo_Alto_Networks
XDR-ENGINEER · Question #49
XDR-ENGINEER Question #49: Real Exam Question with Answer & Explanation
Sign in or unlock XDR-ENGINEER to reveal the answer and full explanation for question #49. The question stem and answer options stay visible for context.
Question
A security audit determines that the Windows Cortex XDR host-based firewall is not blocking outbound RDP connections for certain remote workers. The audit report confirms the following: - All devices are running healthy Cortex XDR agents. - A single host-based firewall rule to block all outbound RDP is implemented. - The policy hosting the profile containing the rule applies to all Windows endpoints. - The logic within the firewall rule is adequate. - Further testing concludes RDP is successfully being blocked on all devices tested at company HQ. - Network location configuration in Agent Settings is enabled on all Windows endpoints. What is the likely reason the RDP connections are not being blocked?
Options
- AThe profile's default action for outbound traffic is set to Allow
- BThe pertinent host-based firewall rule group is only applied to external rule groups
- CReport mode is set to Enabled in the report settings under the profile configuration
- DThe pertinent host-based firewall rule group is only applied to internal rule groups
Unlock XDR-ENGINEER to see the answer
You've previewed enough free XDR-ENGINEER questions. Unlock XDR-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.