
Palo Alto Networks PCDRA Dumps

Page: 1 / 2
Total 91 questions

Palo Alto Networks Certified Detection and Remediation Analyst Questions and Answers

Question 1

What is the standard installation disk space recommended to install a Broker VM?

Options:

A. 1GB disk space
B. 2GB disk space
C. 512GB disk space
D. 256GB disk space

Question 2

Which of the following policy exceptions applies to the following description?

‘An exception allowing specific PHP files’

Options:

A. Support exception
B. Local file threat examination exception
C. Behavioral threat protection rule exception
D. Process exception

Question 3

In incident-related widgets, how would you filter the display to only show incidents that were “starred”?

Options:

A. Create a custom XQL widget
B. This is not currently supported
C. Create a custom report and filter on starred incidents
D. Click the star in the widget

Question 4

Which two types of exception profiles can you create in Cortex XDR? (Choose two.)

Options:

A. exception profiles that apply to specific endpoints
B. agent exception profiles that apply to specific endpoints
C. global exception profiles that apply to all endpoints
D. role-based profiles that apply to specific endpoints

Question 5

What is the purpose of the Cortex Data Lake?

Options:

A. a local storage facility where your logs and alert data can be aggregated
B. a cloud-based storage facility where your firewall logs are stored
C. the interface between firewalls and the Cortex XDR agents
D. the workspace for your Cortex XDR agents to detonate potential malware files

Question 6

What is the function of WildFire for Cortex XDR?

Options:

A. WildFire runs in the cloud and analyses alert data from the XDR agent to check for behavioural threats.
B. WildFire is the engine that runs on the local agent and determines whether behavioural threats are occurring on the endpoint.
C. WildFire accepts and analyses a sample to provide a verdict.
D. WildFire runs entirely on the agent to quickly analyse samples and provide a verdict.

Question 7

What is the outcome of creating and implementing an alert exclusion?

Options:

A. The Cortex XDR agent will allow the process that was blocked to run on the endpoint.
B. The Cortex XDR console will hide those alerts.
C. The Cortex XDR agent will not create an alert for this event in the future.
D. The Cortex XDR console will delete those alerts and block ingestion of them in the future.

Question 8

Which statement best describes how Behavioral Threat Protection (BTP) works?

Options:

A. BTP injects into known vulnerable processes to detect malicious activity.
B. BTP runs on the Cortex XDR and distributes behavioral signatures to all agents.
C. BTP matches EDR data with rules provided by Cortex XDR.
D. BTP uses machine learning to recognize malicious activity even if it is not known.

Question 9

Which statement is true for Application Exploits and Kernel Exploits?

Options:

A. The ultimate goal of any exploit is to reach the application.
B. Kernel exploits are easier to prevent than application exploits.
C. The ultimate goal of any exploit is to reach the kernel.
D. Application exploits leverage kernel vulnerability.
