Which of the following represents the correct relation of alerts to incidents?
Which of the following represents the correct relation of alerts to incidents?
A . Only alerts with the same host are grouped together into one Incident in a given time frame.
B . Alerts that occur within a three hour time frame are grouped together into one Incident.
C . Alerts with same causality chains that occur within a given time frame are grouped together into an Incident.
D . Every alert creates a new Incident.
Answer: A
Explanation:
Reference: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/investigate-incidents/cortex-xdr-incidents.html
Latest PCDRA Dumps Valid Version with 60 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Subscribe
Login
0 Comments
Inline Feedbacks
View all comments