Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 21

Which Type of IOC can you define in Cortex XDR?

Answer options

• A. destination port
• B. e-mail address
• C. full path
• D. App-ID

Correct answer: C

Explanation

The correct answer is C, 'full path', as Cortex XDR allows users to define full paths as indicators of compromise. The other options, while relevant in different contexts, do not fall under the types of IOCs that can be defined within Cortex XDR.