What will allow Cortex XSOAR to accomplish this in the most efficient way?

A Cortex XSOAR customer wants to ingest from a single mailbox. The mailbox brings in reported phishing emails and email requests from human resources (HR) to onboard new users. The customer wants to run two separate workflows from this mailbox, one for phishing and one for onboarding.

What will allow Cortex XSOAR to accomplish this in the most efficient way?

a. Usee machine learning (ML) to determine incident type

b. Create two instances of the email integration and classily one instance as ingesting incidents of type phishing and the other as ingesting incidents of type boarding

c. Use an incident classifier based on field in each type of email to classify those containing “Phish Alert” in the subject as phishing and those containing “Onboard Request” as onboarding

d. Create a playbook to process and determine incident type based on content of the email

Answer: C

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments