Which Cortex XDR agent capability prevents loading malicious files from USB-connected removable equipment?

The capability that prevents loading malicious files from USB-connected removable equipment is Device Control. This feature is designed to regulate and manage the use of external devices, such as USB drives, to ensure that only authorized or safe devices can be connected to the system. With Device Control, organizations can enforce policies that block the use of potentially harmful USB devices or those that could transfer malicious files, thereby protecting the endpoint from various forms of malware and unauthorized data access.

By implementing this control, security teams can mitigate risks associated with removable media, which are common vectors for introducing threats into a network. Device Control plays a vital role in maintaining the integrity of systems and safeguarding sensitive information from being exfiltrated or corrupted via external devices.

The other capabilities mentioned do not focus specifically on the management of USB devices or the prevention of file transfers from these sources. Agent Management tends to deal with the overall deployment and updating of agents within the environment, while Agent Configuration involves setting up the agents with specific parameters. Device authorization relates to validating the credentials and permissions for device access, but it does not specifically address the functionality of controlling the types of devices that can be connected or the data that can be transferred from them.