Weekend Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

DumpsWrap Logo

Paloalto Networks PCDRA Dumps

Page: 1 / 9
Total 91 questions
Get PCDRA Full Access Download PCDRA PDF

Palo Alto Networks Certified Detection and Remediation Analyst Questions and Answers

Question 1

Which Type of IOC can you define in Cortex XDR?

Options:

A.

destination port

B.

e-mail address

C.

full path

D.

App-ID

Question 2

What is by far the most common tactic used by ransomware to shut down a victim’s operation?

Options:

A.

preventing the victim from being able to access APIs to cripple infrastructure

B.

denying traffic out of the victims network until payment is received

C.

restricting access to administrative accounts to the victim

D.

encrypting certain files to prevent access by the victim

Question 3

In incident-related widgets, how would you filter the display to only show incidents that were “starred”?

Options:

A.

Create a custom XQL widget

B.

This is not currently supported

C.

Create a custom report and filter on starred incidents

D.

Click the starin the widget

Question 4

A file is identified as malware by the Local Analysis module whereas WildFire verdict is Benign, Assuming WildFire is accurate. Which statement is correct for the incident?

Options:

A.

It is true positive.

B.

It is false positive.

C.

It is a false negative.

D.

It is true negative.

Question 5

Which two types of exception profiles you can create in Cortex XDR? (Choose two.)

Options:

A.

exception profiles that apply to specific endpoints

B.

agent exception profiles that apply to specific endpoints

C.

global exception profiles that apply to all endpoints

D.

role-based profiles that apply to specific endpoints

Question 6

Which module provides the best visibility to view vulnerabilities?

Options:

A.

Live Terminal module

B.

Device Control Violations module

C.

Host Insights module

D.

Forensics module

Question 7

What is the outcome of creating and implementing an alert exclusion?

Options:

A.

The Cortex XDR agent will allow the process that was blocked to run on the endpoint.

B.

The Cortex XDR console will hide those alerts.

C.

The Cortex XDR agent will not create an alert for this event in the future.

D.

The Cortex XDR console will delete those alerts and block ingestion of them in the future.

Question 8

Where would you goto add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?

Options:

A.

Find the Malware profile attached to the endpoint, Under Portable Executable and DLL Examination add the hash to the allow list.

B.

Fromthe rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.

C.

Find the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.

D.

In the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.

Question 9

Which profiles can the user use to configure malware protection in the Cortex XDR console?

Options:

A.

MalwareProtection profile

B.

Malware profile

C.

Malware Detection profile

D.

Anti-Malware profile

Load More PCDRA Questions
Page: 1 / 9
Total 91 questions
Get PCDRA Full Access Download PCDRA PDF