Q: 5
[Cortex XDR Agent Configuration]
How are dynamic endpoint groups created and managed in Cortex XDR?
Options
Discussion
Option D
C/D? Leaning D since dynamic endpoint groups use OS type and other criteria.
D . Dynamic endpoint groups in Cortex XDR are based on stuff like OS type and network segment, so they update automatically without manual intervention. B talks about multiple group membership but that’s not the dynamic part here. Pretty sure D fits what the question’s asking.
Option D since dynamic groups in Cortex XDR are built using attributes like OS type or network segment. Static groups would need manual intervention, but D matches the automation piece. Unless Palo changed this recently, that's what I've seen in practice.
Yeah, D. Dynamic groups auto-populate based on attributes like OS type or version.
Option D makes sense for dynamic endpoint groups in Cortex XDR since they're defined by fields like OS or segment, auto-populating as endpoints match those criteria. B would apply if the question was about static groups, but "dynamic" is the key here. I think some folks mix this up since other EDRs blur the lines. Agree?
D imo, since dynamic endpoint groups rely on matching criteria like OS type and network segment to auto-populate membership. B is tempting, but that's not the main mechanism for group creation here. If I'm off let me know.
C or D? D talks about using fields like OS type for automatic group creation, which matches the 'dynamic' part of the question. C feels like a trap though, since you can change policies without deleting groups. Think D is right but open to pushback.
Probably B, since endpoints can be in multiple groups, might be a trick here.
Nah, I don’t think B fits here. The dynamic part means groups get filled automatically based on stuff like OS type or version, which is what D describes. B is a common trap in XDR questions since multiple group membership doesn’t always mean it’s dynamic. Seen similar wording on practice sets.
Be respectful. No spam.
