Which alert deposition severity must be chosen to generate low and high severity alerts in the Anomaly settings when user wants to report on an unknown browser and OS, impossible time travel, or both due to account hijacking attempts?
B
Alert Disposition - Aggressive
Generate alerts for the events with unusual OS and unusual browser or consecutive logins from distant locations within short time (impossible time travel) or both the cases
Alert Disposition - Conservative
Generate alerts for only the events with consecutive logins from distant locations within short time (impossible time travel)
High --> is referring to Training Model Threshold
Moderate --> There isn't
Answer is B:
Aggressive:
For unusual user activity—Report on either unknown location or service, or both to classify an anomaly.
For account hijacking—Report on unknown browser and Operating System, impossible time travel, or both.
For anomalous compute provisioning activity—Reports on low and higher severity alerts.
B
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/define-prisma-cloud-enterprise-settings
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.PCCSE Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Spippolo
11Â months agoRedrum702
1Â year, 3Â months agotipzzz
1Â year, 3Â months agoRedrum702
1Â year, 3Â months ago