Palo_Alto_Networks
XDR-ENGINEER · Question #6
XDR-ENGINEER Question #6: Real Exam Question with Answer & Explanation
Sign in or unlock XDR-ENGINEER to reveal the answer and full explanation for question #6. The question stem and answer options stay visible for context.
Question
Which action is being taken with the query below? dataset = xdr_data | fields agent_hostname, _time, _product | comp latest as latest_time by agent_hostname, _product | join type=inner (dataset = endpoints | fields endpoint_name, endpoint_status, endpoint_type) as lookup lookup.endpoint_name = agent_hostname | filter endpoint_status = ENUM.CONNECTED | fields agent_hostname, endpoint_status, latest_time, _product
Options
- AMonitoring the latest activity of endpoints
- BIdentifying endpoints that have disconnected from the network
- CMonitoring the latest activity of connected firewall endpoints
- DChecking for endpoints with outdated agent versions
Unlock XDR-ENGINEER to see the answer
You've previewed enough free XDR-ENGINEER questions. Unlock XDR-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.