Where can SHA256 hash values be used in Cortex XDR Malware Protection Profiles?
Where can SHA256 hash values be used in Cortex XDR Malware Protection Profiles?
In Cortex XDR Malware Protection Profiles, SHA256 hash values can be used in the Windows Malware Protection Profile to indicate allowed executables. The purpose of this feature is to ensure that specific known safe executables are permitted to run, based on their unique SHA256 hash values. This allows administrators to define which executables are trusted and can help prevent malicious executables from running on the system.
C is the answer
Answer is C, Allow list has been moved from Prevention Profiles to Exceptions Configuration
I think it should be C, cannot find any configuration on malware profile related to hash value allow
● CreatesaRuleException based onthePROCESSSHA256fieldforIOCrules that hit more than 100 endpoints over a 72-hour period. Changing answer to D for this part in the study guide : https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/datasheets/education/pcdra-study-guide.pdf
answer C
Correct Answer: D