Palo Alto Networks XSIAM Analyst — Question 13
A security analyst is reviewing alerts and incidents associated with internal vulnerability scanning performed by the security operations team.
Which built-in incident domain will be assigned to these alerts and incidents in Cortex XSIAM?
Answer options
- A. Security
- B. Hunting
- C. IT
- D. Health
Correct answer: C
Explanation
The correct answer is C, as internal vulnerability scanning is primarily related to IT incidents, which involve system configurations and security flaws within the organization's IT environment. Options A (Security), B (Hunting), and D (Health) do not specifically address the context of internal vulnerability scanning, making them incorrect in this scenario.