Which of the following represents the correct relation of alerts to incidents?

PCDRA 0 Comments

Which of the following represents the correct relation of alerts to incidents?
A . Only alerts with the same host are grouped together into one Incident in a given time frame.
B . Alerts that occur within a three hour time frame are grouped together into one Incident.
C . Alerts with same causality chains that occur within a given time frame are grouped together into an Incident.
D . Every alert creates a new Incident.

Answer: A

Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/investigate-incidents/cortex-xdr-incidents.html

Latest PCDRA Dumps Valid Version with 60 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PCDRA PDF    PCDRA Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments