Palo_Alto_Networks
XDR-ENGINEER · Question #8
XDR-ENGINEER Question #8: Real Exam Question with Answer & Explanation
Sign in or unlock XDR-ENGINEER to reveal the answer and full explanation for question #8. The question stem and answer options stay visible for context.
Question
An analyst considers an alert with the category of lateral movement to be allowed and not needing to be checked in the future. Based on the image below, which action can an engineer take to address the requirement?
Options
- ACreate a behavioral indicator of compromise (BIOC) suppression rule for the parent process and
- BCreate an alert exclusion rule by using the alert source and alert name
- CCreate a disable injection and prevention rule for the parent process indicated in the alert
- DCreate an exception rule for the parent process and the exact command indicated in the alert
Unlock XDR-ENGINEER to see the answer
You've previewed enough free XDR-ENGINEER questions. Unlock XDR-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.