When initiated, which Cortex XDR capability allows immediate termination of the process or whole process tree on an anomalous process discovered during investigation of a security event?
When initiated, which Cortex XDR capability allows immediate termination of the process or whole process tree on an anomalous process discovered during investigation of a security event?
The Cortex XDR capability that allows immediate termination of the process or whole process tree during the investigation of a security event is the live terminal. Live terminal provides real-time access to the endpoint, allowing security analysts to take direct actions such as terminating processes, which is crucial during an investigation to mitigate threats promptly.
D is correct