Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CKTM techniques.
Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CKTM techniques.
Cortex XDR Analytics is designed to detect and alert on a broad range of activities that align with specific tactics and techniques in the MITRE ATT&CK framework. Given the options, the combination of 'Exfiltration, Command and Control, Collection' makes the most sense as these categories encompass core actions involved in gathering and transferring data, as well as maintaining control over the compromised environment. Exfiltration involves moving data out of the environment, Command and Control refers to the attackers maintaining communication with the compromised systems, and Collection is the gathering of relevant data from the target systems.
it does list those three but in the picture next to it in the guide, it shows impact as well but does not describe it.
@ Chiquitabandita: you are right. It means the option D is correct answer. -Execution -Persistence -Discovery -Lateral Movement -Command and Control -Exfiltration
D is correct, refer to the official document:https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Analytics-Concepts