Palo Alto Networks XSIAM Analyst — Question 3

How can a SOC analyst highlight alerts generated on C-level executive hosts?

Answer options

• A. Add the C-level executive users to the Executive Accounts asset role.
• B. Add a tag to the C-level executive users.
• C. Create a Featured Alert field for the C-level hosts.
• D. Create a dynamic group for the C-level hosts.

Correct answer: C

Explanation

The correct answer is C because creating a Featured Alert field specifically for C-level hosts allows those alerts to be easily identified and prioritized. Options A and B do not provide a method to highlight alerts directly, while D may organize hosts but does not specifically focus on alert visibility.