Which type of IOC can you define in Cortex XDR?
Which type of IOC can you define in Cortex XDR?
In Cortex XDR, an IOC (Indicator of Compromise) can be defined as a Destination IP Address. This allows the system to monitor and identify suspicious or malicious activity based on the destination IP addresses involved in network communications.
https://docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM/Cortex-XSIAM-Administrator-Guide/Working-with-IOCs#:~:text=Domain-,Destination%20IP%20address,-MD5%20hash
I agree for B