Palo Alto Networks System Engineer – Cortex — Question 52

Which two items are stitched to the Cortex XDR causality chain? (Choose two.)

Answer options

• A. firewall alert
• B. security and information event management (SIEM) alert
• C. registry set value
• D. full uniform resource locator (URL)

Correct answer: A, D

Explanation

The correct answers, A and D, are components that provide critical information for the analysis of security incidents in Cortex XDR. A firewall alert indicates a potential security threat, while a full URL can denote the specific resource accessed, helping in tracing the attack path. Options B and C, while relevant to security, do not directly contribute to the causality chain in the same manner as A and D.