4 votes
Cortex XDR can generate alerts when a rule condition matches to what two options?

a) Endpoint Event and Network Activity
b) Log Details and Timestamps
c) Process Tree and Registry Entries
d) User Activity and File Permissions

by User Nesalexy (8.3k points)

1 Answer

5 votes

Final answer:

Cortex XDR can generate alerts based on rule conditions matching with Endpoint Event and Network Activity, which indicate potential security incidents.

Step-by-step explanation:

Cortex XDR is an advanced threat detection and response platform that can generate alerts based on specific rule conditions. The question focuses on what two options can trigger these alerts when a rule condition matches. The correct answer is a) Endpoint Event and Network Activity. When Cortex XDR detects events or patterns of behavior that do not comply with the defined rules due to a potential security threat, it triggers an alert. These events can be related to unusual endpoint activity or suspicious network traffic patterns, which indicate possible security incidents that require attention.