Examice

Exam PCDRA All QuestionsBrowse all questions from this exam

Go to Exam

Question 35

What is the outcome of creating and implementing an alert exclusion?

The Cortex XDR agent will allow the process that was blocked to run on the endpoint.

The Cortex XDR console will hide those alerts.

The Cortex XDR agent will not create an alert for this event in the future.

The Cortex XDR console will delete those alerts and block ingestion of them in the future.

Correct Answer: C

Creating and implementing an alert exclusion in Cortex XDR ensures that the Cortex XDR agent will not create an alert for this specific event in the future. This means that the agent will recognize the conditions set in the alert exclusion and bypass alerting for those conditions going forward.

Discussion

ChiquitabanditaOption: B

"Alert Exclusion rules specify match criteria for alerts that you want to suppress."

XuannnnOAOOption: B

B is correct, refer to the official document:https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Exception-Configuration