Q: 17
Which of the following can be configured in a prevention policy but not in an extension profile?
Options
Discussion
Its A. You can only set malware blocking rules in a prevention policy, not in an extension profile. Extension (agent settings) profiles are more about agent operations and enabling modules, but malware rules specifically live inside the prevention policy. Pretty sure this lines up with how Cortex XDR splits configuration. Correct me if I’m off!
A for sure. Had something like this in a mock, malware blocking is only configurable in the prevention policy, not within extension (agent settings) profiles. Host firewall and device control stuff can go in agent profiles but malware prevention needs its own policy. If I missed some hidden feature let me know, but pretty confident here.
I thought it was C, since host firewall stuff needs special handling and sometimes those settings aren't in the same place as prevention controls. Saw a similar split between firewall and prevention on other tools too, but not 100%.
Probably A, saw a similar question in practice exams and malware blocking rules are set via prevention policy only.
Be respectful. No spam.
