You can star security events in which two ways? (Choose two.)
You can star security events in which two ways? (Choose two.)
You can star security events in two ways: manually star an alert or incident. This can be done by directly marking the alert or incident after reviewing it. Creating configurations to star alerts or incidents is not a correct way to directly star individual security events.
I am confused here, the documentation says to create an incident starring configuration, but in the configuration setting it says "Create New Alert Starring Configuration"
From stduy guıde: You can star incidents in two ways: You can manually star an incident after reviewing it, or you can create an incident-starring configuration that automatically categorizes and stars incidents when a related alert contains the specific attributes that you decide are important.
AD for sure
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Prevent-Administrator-Guide/Manage-Incident-Starring You can manually star an incident after reviewing it, or you can create an incident starring configuration that automatically categorizes and stars incidents when a related alert contains the specific attributes that you decide are important.
The correct answer is B and D. From the Study Guide. Incident related starring
AD: You can star incidents in two ways: You can manually star an incident after reviewing it, or you can create an incident starring configuration
I guess B and D are correct.
You can manually star an incident after reviewing it, or you can create an incident starring configuration that automatically categorizes and stars incidents when a related alert contains the specific attributes that you decide are important. https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Prevent-Administrator-Guide/Manage-Incident-Starring
can manually star incident and using Starred Alerts rule under Incident Configuration