Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 39

Which engine, of the following, in Cortex XDR determines the most relevant artifacts in each alert and aggregates all alerts related to an event into an incident?

Answer options

• A. Sensor Engine
• B. Causality Analysis Engine
• C. Log Stitching Engine
• D. Causality Chain Engine

Correct answer: B

Explanation

The Causality Analysis Engine is responsible for determining the most pertinent artifacts linked to alerts and grouping related alerts into incidents, making it the correct choice. The Sensor Engine focuses on data collection, the Log Stitching Engine handles log integration, and the Causality Chain Engine does not perform the aggregation of alerts into incidents.