What is the best method to block this IP from communicating with endpoints without requiring a configuration change on the firewall?

PSE Cortex V0 0 Comments

Cortex XSOAR has extracted a malicious Internet Protocol (IP) address involved in command-and-control (C2) traffic.

What is the best method to block this IP from communicating with endpoints without requiring a configuration change on the firewall?

a. Have XSOAR automatically add the IP address to a deny rule in the firewall

b. Have XSOAR automatically add the IP address to a threat intelligence management (TIM) malicious IP list to elevate priority of future alerts

c. Have XSOAR automatically add the IP address to an external dynamic list (EDL) used by the firewall

d. Have XSOAR automatically create a NetOps ticket requesting a configuration change to the firewall to block the IP

Answer: C

Latest PSE Cortex Dumps Valid Version with 60 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PSE Cortex PDF     PSE Cortex Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments