Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PCDRA Exam - Topic 1 Question 90 Discussion

Actual exam question for Palo Alto Networks's PCDRA exam
Question #: 90
Topic #: 1
[All PCDRA Questions]

In incident-related widgets, how would you filter the display to only show incidents that were ''starred''?

Show Suggested Answer Hide Answer
Suggested Answer: D

To filter the display to only show incidents that were ''starred'', you need to click the star in the widget. This will apply a filter that shows only the incidents that contain a starred alert, which is an alert that matches a specific condition that you define in the incident starring configuration.You can use the incident starring feature to prioritize and focus on the most important or relevant incidents in your environment1.

Let's briefly discuss the other options to provide a comprehensive explanation:

A) Create a custom XQL widget: This is not the correct answer. Creating a custom XQL widget is not necessary to filter the display to only show starred incidents. A custom XQL widget is a widget that you create by using the XQL query language to define the data source and the visualization type.You can use custom XQL widgets to create your own dashboards or reports, but they are not required for filtering incidents by stars2.

B) This is not currently supported: This is not the correct answer. Filtering the display to only show starred incidents is currently supported by Cortex XDR.You can use the star icon in the widget to apply this filter, or you can use the Filter Builder to create a custom filter based on the Starred field1.

C) Create a custom report and filter on starred incidents: This is not the correct answer. Creating a custom report and filtering on starred incidents is not the only way to filter the display to only show starred incidents. A custom report is a report that you create by using the Report Builder to define the data source, the layout, and the schedule.You can use custom reports to generate and share periodic reports on your Cortex XDR data, but they are not the only option for filtering incidents by stars3.

In conclusion, clicking the star in the widget is the simplest and easiest way to filter the display to only show incidents that were ''starred''. By using this feature, you can quickly identify and focus on the most critical or relevant incidents in your environment.


Filter Incidents by Stars

Create a Custom XQL Widget

Create a Custom Report

by Barbra at Apr 11, 2026, 01:22 PM

Limited Time Offer

25%

Off

Get Premium PCDRA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Annice
2 days ago
I'm not entirely sure, but I feel like clicking the star in the widget could work, so D might be an option too.
upvoted 0 times
...
Frederick
7 days ago
I think I remember that we can filter incidents by using a custom report, so maybe C is the right choice?
upvoted 0 times
...

Save Cancel