
Question

Which remediation endpoint action disables all network access on compromised endpoints except for traffic to the Cortex XDR management console, preventing these endpoints from communicating with and potentially infecting other endpoints? (1 point)

    • Terminate Processes
    • Isolate Endpoints
    • Block Executions
    • Quarantine Files

Solution 1

To determine which remediation endpoint action disables all network access on compromised endpoints except for traffic to the Cortex XDR management console, follow these steps:

  1. Understand the Options:

    • Terminate Processes: This action stops specific processes running on the endpoint. It does not affect network access.
    • Isolate Endpoints: This action restricts the endpoint's network access, allowing only communication with the management console.
    • Block Executions: This action prevents certain applications or processes from running on the endpoint. It does not affect network access.
    • Quarantine Files: This action moves suspicious files to a secure location to prevent them from causing harm. It does not affect network access.
  2. Identify the Requirement:

    • The requirement is to disable all network access on compromised endpoints except for traffic to the Cortex XDR management console.
  3. Match the Requirement to the Options:

    • The action that matches this requirement is Isolate Endpoints. This action ensures that the endpoint can only communicate with the Cortex XDR management console, effectively preventing it from communicating with and potentially infecting other endpoints.

Therefore, the correct remediation endpoint action is:

Isolate Endpoints

Solution 2

To determine which remediation endpoint action disables all network access on compromised endpoints except for traffic to the Cortex XDR management console, follow these steps:

  1. Understand the Options:

    • Terminate Processes: This action stops specific processes running on the endpoint.
    • Isolate Endpoints: This action restricts the endpoint's network access, allowing only essential communication.
    • Block Executions: This action prevents certain applications or processes from running.
    • Quarantine Files: This action moves suspicious files to a secure location to prevent them from causing harm.
  2. Identify the Requirement:

    • The requirement is to disable all network access on compromised endpoints except for traffic to the Cortex XDR management console.
  3. Match the Requirement to the Options:

    • Terminate Processes does not address network access.
    • Isolate Endpoints specifically mentions restricting network access while allowing essential communication, which fits the requirement.
    • Block Executions focuses on preventing applications from running, not network access.
    • Quarantine Files deals with handling suspicious files, not network access.
  4. Conclusion:

    • The action that matches the requirement of disabling all network access except for traffic to the Cortex XDR management console is Isolate Endpoints.

Therefore, the correct answer is: Isolate Endpoints
