Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PCDRA Topic 12 Question 45 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks Certified Detection and Remediation Analyst exam
Question #: 45
Topic #: 12
[All Palo Alto Networks Certified Detection and Remediation Analyst Questions]

How can you pivot within a row to Causality view and Timeline views for further investigate?

Show Suggested Answer Hide Answer
Suggested Answer: B

To pivot within a row to Causality view and Timeline views for further investigation, you can use the Open Card and Open Timeline actions respectively. The Open Card action will open a new tab with the Causality view of the selected row, showing the causal chain of events that led to the alert. The Open Timeline action will open a new tab with the Timeline view of the selected row, showing the chronological sequence of events that occurred on the affected endpoint. These actions allow you to drill down into the details of each alert and understand the root cause and impact of the incident.Reference:

Cortex XDR User Guide, Chapter 9: Investigate Alerts, Section: Pivot to Causality View and Timeline View

PCDRA Study Guide, Section 3: Investigate and Respond to Alerts, Objective 3.1: Investigate alerts using the Causality view and Timeline view


Contribute your Thoughts:

Kristin
6 months ago
Yeah, that makes sense to me. The question is specifically asking about how to pivot within a row, so B seems like the most comprehensive answer.
upvoted 0 times
...
Alline
6 months ago
Okay, let's think this through. I'm leaning towards option B, as it seems to suggest we can use both the Open Card and Open Timeline actions to pivot between the views.
upvoted 0 times
...
Barb
6 months ago
Hmm, I think it has something to do with navigating between different views, but I'm not sure which option is the right one.
upvoted 0 times
...
Camellia
6 months ago
This question seems a bit tricky. I'm not entirely sure about the correct answer here.
upvoted 0 times
Roy
6 months ago
Good idea, let's confirm that
upvoted 0 times
...
Major
6 months ago
Maybe we should double check the instructions to be sure
upvoted 0 times
...
Lisbeth
6 months ago
I'm not entirely sure about the correct answer either
upvoted 0 times
...
Delisa
6 months ago
I don't think so, I believe it's using both Open Card and Open Timeline actions
upvoted 0 times
...
Hui
6 months ago
But what if the correct answer is actually using Open Timeline Actions Only?
upvoted 0 times
...
Marla
6 months ago
That sounds right to me
upvoted 0 times
...
Marget
6 months ago
Using the Open Card and Open Timeline actions respectively
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77