Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 52

Which type of IOC can you define in Cortex XDR?

Answer options

• A. Source port
• B. Destination IP Address
• C. Destination IP Address:Destination
• D. Source IP Address

Correct answer: B

Explanation

The correct answer is B, as Cortex XDR allows the definition of destination IP addresses as indicators of compromise (IOCs) for tracking and analyzing threats. Options A and D refer to source-related IOCs, while option C is a malformed representation of an IOC, making them incorrect in this context.