A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?
On a Linux endpoint with Cortex XDR Pro per Endpoint, manual remediation on the endpoint is a feasible action for deleting a malicious file. This involves directly accessing the infected endpoint and manually removing the malicious file. Other options such as X2go and NFS connections from the Cortex XDR console are not standard methods for such a task within this specific context. Additionally, the option to initiate Remediate Suggestions is typically available for Windows endpoints, not Linux.
I think the answer is C. See this overview from Palo Alto: https://youtu.be/HBzxmSjHYt4?si=JqjrLZkLTXBeqXpp&t=452. Here he talks about deleting a file through the Remediation Suggestions.
Remediation Suggestions is available only for Windows, so answer C is incorrect. B and D are also incorrect: there is no X2go or NFS; instead, there is "Live Terminal".
@Blahziblah Please check the video you referred to. I think "A" is the right option.
Yes, Remediation Suggestions lets you delete the file; the keyword in C, "automatically", is problematic for me. It is the best choice out of these, though.