Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 42

What is the outcome of creating and implementing an alert exclusion?

Answer options

• A. The Cortex XDR agent will allow the process that was blocked to run on the endpoint.
• B. The Cortex XDR console will hide those alerts.
• C. The Cortex XDR agent will not create an alert for this event in the future.
• D. The Cortex XDR console will delete those alerts and block ingestion of them in the future.

Correct answer: B

Explanation

The correct answer is B because creating an alert exclusion means that the Cortex XDR console will no longer display those specific alerts. Options A, C, and D are incorrect because they imply changes to the alert generation process or deletion of alerts, which do not occur with just an exclusion.