Q: 20
Which two components influence the incident score in Cortex XDR? (Choose two)
Options
Discussion
C/B here. Official guide and labs both point out that alert severity and number of correlated alerts are what actually drive the score in XDR. D and C don't influence it afaik but double check practice tests if unsure.
A and B imo. Alert severity levels drive the score and more correlated alerts stack up risk too. C and D don't actually move the incident score in XDR, at least as far as docs explain. Anybody see different on a live environment?
A and B, not D. Data source type doesn't impact the incident score itself.
Its D, seen a similar question in the practice test and official guide.
Be respectful. No spam.
