U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks SecOps-Pro Exam - Topic 1 Question 4 Discussion

What is enabled by Role-Based Access Control (RBAC) in Cortex XDR?
A) Management of permissions and assignment of administrator access rights.
B) Ability to manage Cortex XDR features based on job function.
C) Automated response to detected threats based on user roles.
D) Granular control and visibility over network traffic policies based on user roles.

Palo Alto Networks SecOps-Pro Exam - Topic 1 Question 4 Discussion

Actual exam question for Palo Alto Networks's SecOps-Pro exam
Question #: 4
Topic #: 1
[All SecOps-Pro Questions]

What is enabled by Role-Based Access Control (RBAC) in Cortex XDR?

Show Suggested Answer Hide Answer
Suggested Answer: A

In Cortex XDR, Role-Based Access Control (RBAC) is the primary mechanism for enforcing the principle of least privilege within the management console. It allows organizations to define exactly what an administrator or analyst can see and do.

Permissions Management: RBAC allows the 'Account Admin' to create or use predefined roles (such as Security Admin, Instance Admin, or Viewer) that grant specific permissions for various actions like viewing alerts, performing remediation (isolating endpoints), or configuring malware profiles.

Assignment of Rights: These roles are then assigned to users or groups (often synced via SAML/Active Directory). This ensures that a Tier 1 analyst might have 'View Only' rights for certain logs, while a Tier 3 analyst or SOC Manager has the rights to execute scripts or initiate Live Terminal sessions.

Distinction from Network Policies: Unlike firewall rules (Option D), RBAC in Cortex XDR specifically governs administrative access to the platform itself, not the flow of user traffic across the network.


Contribute your Thoughts:

0/2000 characters

Currently there are no comments in this discussion, be the first to comment!


Save Cancel