[Mar-2022] Verified Palo Alto Networks PCDRA Bundle Real Exam Dumps PDF [Q36-Q52]


PCDRA Dumps PDF New [2022] Ultimate Study Guide

NEW QUESTION 36
Which module provides the best visibility to view vulnerabilities?

  • A. Forensics module
  • B. Live Terminal module
  • C. Host Insights module
  • D. Device Control Violations module

Answer: C

 

NEW QUESTION 37
When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)

  • A. Delete the selected Incidents.
  • B. Investigate several Incidents at once.
  • C. Assign incidents to an analyst in bulk.
  • D. Change the status of multiple incidents.

Answer: C,D

 

NEW QUESTION 38
Which statement is true based on the following Agent Auto Upgrade widget?

  • A. Agent Auto Upgrade has not been enabled.
  • B. There are a total of 689 Up To Date agents.
  • C. Agent Auto Upgrade was enabled but not on all endpoints.
  • D. There are more agents in Pending status than In Progress status.

Answer: C

 

NEW QUESTION 39
What is the purpose of the Cortex Data Lake?

  • A. the interface between firewalls and the Cortex XDR agents
  • B. the workspace for your Cortex XDR agents to detonate potential malware files
  • C. a local storage facility where your logs and alert data can be aggregated
  • D. a cloud-based storage facility where your firewall logs are stored

Answer: D

 

NEW QUESTION 40
As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?

  • A. Enable DLL Protection on all servers but there might be some false positives.
  • B. Create Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.
  • C. Enable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.
  • D. Create IOCs of the malicious files you have found to prevent their execution.

Answer: B

 

NEW QUESTION 41
Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?

  • A. Data Ingestion Dashboard
  • B. Security Manager Dashboard
  • C. Incident Management Dashboard
  • D. Security Admin Dashboard

Answer: B

 

NEW QUESTION 42
When creating a scheduled report, which is not an option?

  • A. Run weekly on a certain day and time.
  • B. Run monthly on a certain day and time.
  • C. Run daily at a certain time (selectable hours and minutes).
  • D. Run quarterly on a certain day and time.

Answer: D

 

NEW QUESTION 43
What is the function of WildFire for Cortex XDR?

  • A. WildFire accepts and analyses a sample to provide a verdict.
  • B. WildFire is the engine that runs on the local agent and determines whether behavioural threats are occurring on the endpoint.
  • C. WildFire runs in the cloud and analyses alert data from the XDR agent to check for behavioural threats.
  • D. WildFire runs entirely on the agent to quickly analyse samples and provide a verdict.

Answer: A

 

NEW QUESTION 44
Which two types of exception profiles can you create in Cortex XDR? (Choose two.)

  • A. global exception profiles that apply to all endpoints
  • B. role-based profiles that apply to specific endpoints
  • C. exception profiles that apply to specific endpoints
  • D. agent exception profiles that apply to specific endpoints

Answer: A,C

 

NEW QUESTION 45
If you have an isolated network that is prevented from connecting to the Cortex Data Lake, which type of Broker VM setup can you use to facilitate the communication?

  • A. Broker VM Pathfinder
  • B. Local Agent Proxy
  • C. Broker VM Syslog Collector
  • D. Local Agent Installer and Content Caching

Answer: D

 

NEW QUESTION 46
Phishing belongs to which of the following MITRE ATT&CK tactics?

  • A. Reconnaissance, Initial Access
  • B. Reconnaissance, Persistence
  • C. Persistence, Command and Control
  • D. Initial Access, Persistence

Answer: A

 

NEW QUESTION 47
What kind of threat typically encrypts user files?

  • A. SQL injection attacks
  • B. ransomware
  • C. supply-chain attacks
  • D. Zero-day exploits

Answer: B

 

NEW QUESTION 48
Where can SHA256 hash values be used in Cortex XDR Malware Protection Profiles?

  • A. SHA256 hashes cannot be used in Cortex XDR Malware Protection Profiles
  • B. in the Windows Malware Protection Profile to indicate allowed executables
  • C. in the Linux Malware Protection Profile to indicate allowed Java libraries
  • D. in the macOS Malware Protection Profile to indicate allowed signers

Answer: B

 

NEW QUESTION 49
An attacker tries to load dynamic libraries on macOS from an unsecure location. Which Cortex XDR module can prevent this attack?

  • A. Dylib Hijacking
  • B. Hot Patch Protection
  • C. Kernel Integrity Monitor (KIM)
  • D. DDL Security

Answer: A

 

NEW QUESTION 50
What are two purposes of "Respond to Malicious Causality Chains" in a Cortex XDR Windows Malware profile? (Choose two.)

  • A. Automatically kill the processes involved in malicious activity.
  • B. Automatically close the connections involved in malicious traffic.
  • C. Automatically block the IP addresses involved in malicious traffic.
  • D. Automatically terminate the threads involved in malicious activity.

Answer: B,C

 

NEW QUESTION 51
A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?

  • A. Manually remediate the problem on the endpoint in question.
  • B. Open an NFS connection from the Cortex XDR console and delete the file.
  • C. Initiate Remediate Suggestions to automatically delete the file.
  • D. Open X2go from the Cortex XDR console and delete the file via X2go.

Answer: A

 

NEW QUESTION 52
......
