Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR? (Choose two.)
Which two types of indicators of compromise (IOCs) are available for creation in Cortex XDR? (Choose two.)
In Cortex XDR, two types of indicators of compromise (IOCs) that can be created are 'Internet Protocol (IP)' and 'domain.' These types are used to detect malicious network activity by identifying suspicious IP addresses and domains known to be associated with threat actors.
B,C https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Create-an-IOC-Rule 3.Configure the IOC criteria. b. Configure the IOC TYPE. Options are Full Path, File Name, Domain, Destination IP, and MD5 or SHA256 Hash.