New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PCDRA Exam - Topic 12 Question 71 Discussion

Actual exam question for Palo Alto Networks's PCDRA exam
Question #: 71
Topic #: 12
[All PCDRA Questions]

The Cortex XDR console has triggered an incident, blocking a vitally important piece of software in your organization that is known to be benign. Which of the following options would prevent Cortex XDR from blocking this software in the future, for all endpoints in your organization?

Show Suggested Answer Hide Answer
Suggested Answer: D

Cortex XDR allows you to schedule reports and forward them to Slack, a cloud-based collaboration platform. You can configure the Slack channel, frequency, and recipients of the scheduled reports. You can also view the report history and status in the Cortex XDR management console.Reference:

Scheduled Queries: This document explains how to create, edit, and manage scheduled queries and reports in Cortex XDR.

Forward Scheduled Reports to Slack: This document provides the steps to configure Slack integration and forward scheduled reports to a Slack channel.


by Vanna at Jan 15, 2025, 01:28 PM

Limited Time Offer

25%

Off

Get Premium PCDRA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rosalind
3 months ago
I disagree, individual alert exclusions are safer!
upvoted 0 times
...
Lino
3 months ago
A global exception sounds risky, but might be necessary.
upvoted 0 times
...
Theodora
3 months ago
Wait, are we sure this software is really benign?
upvoted 0 times
...
Wynell
4 months ago
I think a global exception is the way to go.
upvoted 0 times
...
Nydia
4 months ago
Definitely go for a global inclusion!
upvoted 0 times
...
Rosalyn
4 months ago
I’m a bit confused about the difference between global inclusion and global exception. I hope it’s not too tricky!
upvoted 0 times
...
Tresa
4 months ago
I practiced a similar question, and I think individual exclusions only work for specific cases, so that rules out A and C, right?
upvoted 0 times
...
Lucy
4 months ago
I'm not entirely sure, but I feel like creating a global exception would cover all bases. That sounds like the right approach.
upvoted 0 times
...
Jacqueline
5 months ago
I think I remember something about global settings being more effective for all endpoints, so maybe it's option B or D?
upvoted 0 times
...
Nieves
5 months ago
The global inclusion sounds like the most straightforward solution, but I'm worried it might have unintended consequences. Maybe an individual alert exclusion would be a safer approach?
upvoted 0 times
...
Stephane
5 months ago
I'm a bit confused here. Is an endpoint-specific exception the same as an individual alert exclusion? I'm not sure which one would be the better choice.
upvoted 0 times
...
Gail
5 months ago
I'm leaning towards the global exception option. That way, we can make sure the software is allowed to run on all endpoints without triggering any alerts.
upvoted 0 times
...
Ling
5 months ago
Hmm, I'm not sure about that. Creating a global inclusion seems a bit risky to me. Maybe an individual alert exclusion would be a safer bet?
upvoted 0 times
...
Francine
5 months ago
I think the best option here is to create a global inclusion. That way, the software will be allowed to run on all endpoints without any issues.
upvoted 0 times
...
Abel
9 months ago
Haha, this is like a game of 'Which door will let me through?' I'm just hoping I don't end up like the goat behind the wrong door!
upvoted 0 times
Geoffrey
8 months ago
C) Create an endpoint-specific exception.
upvoted 0 times
...
Dalene
8 months ago
B) Create a global inclusion.
upvoted 0 times
...
Alica
8 months ago
A) Create an individual alert exclusion.
upvoted 0 times
...
...
Tuyet
10 months ago
I'm torn between B and D. A global inclusion or a global exception both sound like they could work, but I'm not sure which one is the 'correct' answer. Guess I'd better review the Cortex XDR documentation again.
upvoted 0 times
Louvenia
9 months ago
Yeah, creating a global exception seems like the most efficient way to handle this situation.
upvoted 0 times
...
Natalie
9 months ago
Creating a global inclusion might not be as effective as a global exception in this case.
upvoted 0 times
...
Kenneth
9 months ago
I agree, a global exception would apply to all endpoints in the organization.
upvoted 0 times
...
Tomoko
9 months ago
I agree, a global exception would apply to all endpoints in the organization.
upvoted 0 times
...
Arlene
9 months ago
I think a global exception would be the best option to prevent Cortex XDR from blocking the software.
upvoted 0 times
...
Page
10 months ago
I think a global exception would be the best option to prevent Cortex XDR from blocking the software.
upvoted 0 times
...
...
Von
10 months ago
I'm not sure, but creating an individual alert exclusion might also work, right?
upvoted 0 times
...
Lashaunda
11 months ago
Option B looks like the way to go. A global inclusion seems like the best way to ensure this software is always allowed, no matter which endpoint it's running on.
upvoted 0 times
Anastacia
9 months ago
User 2: Yeah, that way the software will always be allowed on all endpoints.
upvoted 0 times
...
Hildred
10 months ago
User 1: I think creating a global inclusion is the best option.
upvoted 0 times
...
...
Lisandra
11 months ago
Hmm, I think option D seems the most straightforward here. Creating a global exception should prevent Cortex XDR from blocking the software across all endpoints.
upvoted 0 times
Jacki
9 months ago
I see your point. It's important to consider the scope of the solution when making this decision.
upvoted 0 times
...
Juan
9 months ago
That's true, but a global exception would ensure that the software is not blocked on any endpoint.
upvoted 0 times
...
Esteban
10 months ago
But wouldn't creating an individual alert exclusion be more specific to just that software?
upvoted 0 times
...
Pura
10 months ago
I agree, creating a global exception would be the best way to prevent this issue in the future.
upvoted 0 times
...
...
Tiera
11 months ago
I agree with Howard, a global exception would prevent blocking the software for all endpoints.
upvoted 0 times
...
Howard
11 months ago
I think creating a global exception would be the best option.
upvoted 0 times
...

Save Cancel