Palo Alto Networks Cybersecurity Entry-Level Technician (PCCET) — Question 11

Systems that allow for accelerated incident response through the execution of standardized and automated playbooks that work upon inputs from security technology and other data flows are known as what?

Answer options

Correct answer: C

Explanation

The correct answer is C, SOAR, which stands for Security Orchestration, Automation, and Response. SOAR platforms streamline incident response processes by automating workflows based on predefined playbooks. Options A (XDR), B (STEP), and D (SIEM) do not specifically focus on the automation and orchestration capabilities that SOAR provides for incident response.