What is the purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section?
A.
To sort through large amounts of audit data manually in order to identify developing attacks
B.
To store large amounts of forensic data on the host where Console runs to enable a more rapid and effective
response to incidents
C.
To correlate individual events to identify potential attacks and provide a sequence of process, file system, and network events for a comprehensive view of an incident
D.
To identify and suppress all audit events generated by the defender
The purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section is to provide a comprehensive view of incidents by correlating individual events. This helps identify potential attacks through a sequence of processes, file system, and network events, thereby giving a complete picture of an incident's timeline and impact.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit