Palo_Alto_Networks
XSIAM-ANALYST · Question #2
XSIAM-ANALYST Question #2: Real Exam Question with Answer & Explanation
Sign in or unlock XSIAM-ANALYST to reveal the answer and full explanation for question #2. The question stem and answer options stay visible for context.
Question
A Cortex XSIAM analyst is investigating a security incident involving a workstation after having deployed a Cortex XDR agent for 45 days. The incident details include the Cortex XDR Analytics Alert "Uncommon remote scheduled task creation." Which response will mitigate the threat?
Options
- ARevoke user access and conduct a user audit.
- BAllow list the processes to reduce alert noise.
- CInitiate the endpoint isolate action to contain the threat.
- DPrioritize blocking the source IP address to prevent further login attempts.
Unlock XSIAM-ANALYST to see the answer
You've previewed enough free XSIAM-ANALYST questions. Unlock XSIAM-ANALYST for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.