Palo Alto Networks Security Operations Professional — Question 1

Which component of Cortex XDR is designed to detect insider threats?

Answer options

• A. Forensics
• B. Identity Analytics
• C. Cloud Identity Engine
• D. Host Insights

Correct answer: B

Explanation

The correct answer is B, Identity Analytics, as it specializes in monitoring user behavior to identify potential insider threats. The other options, while useful for various security functions, do not specifically focus on detecting threats from within the organization.