
Latest [Oct 12, 2022] Palo Alto Networks PCDRA Exam Practice Test To Gain Brilliant Result
Take a Leap Forward in Your Career by Earning Palo Alto Networks PCDRA
What is the average salary of a Palo Alto Networks PCDRA Certified Professional?
The salary of a Palo Alto Networks PCDRA Certified Professional depends on the organization and company that you work for. It also depends on the candidate's experience, qualifications, skill set, and the company's reputation. The average salary of a Palo Alto Networks PCDRA Certified Professional who prepared for the exam with the help of PCDRA Dumps is as follows:
- In Australia: 30,000 AUD
- In the United States: 65,000 USD
- In the UK: 45,000 GBP
- In India: 50,000 INR
NEW QUESTION 10
Which of the following is NOT a precanned script provided by Palo Alto Networks?
- A. quarantine_file
- B. list_directories
- C. process_kill_name
- D. delete_file
Answer: A
NEW QUESTION 11
To create a BIOC rule with XQL query you must at a minimum filter on which field in order for it to be a valid BIOC rule?
- A. causality_chain
- B. threat_event
- C. event_type
- D. endpoint_name
Answer: C
NEW QUESTION 12
What is the purpose of targeting software vendors in a supply-chain attack?
- A. to take advantage of a trusted software delivery method.
- B. to access source code.
- C. to report Zero-day vulnerabilities.
- D. to steal users' login credentials.
Answer: D
NEW QUESTION 13
Which statement regarding scripts in Cortex XDR is true?
- A. Any version of Python script can be run.
- B. Any script can be imported including Visual Basic (VB) scripts.
- C. The level of risk is assigned to the script upon import.
- D. The script is run on the machine uploading the script to ensure that it is operational.
Answer: A
NEW QUESTION 14
When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)
- A. Assign incidents to an analyst in bulk.
- B. Change the status of multiple incidents.
- C. Investigate several Incidents at once.
- D. Delete the selected Incidents.
Answer: A,B
NEW QUESTION 15
You can star security events in which two ways? (Choose two.)
- A. Create an alert-starring configuration.
- B. Manually star an Incident.
- C. Create an Incident-starring configuration.
- D. Manually star an alert.
Answer: B,C
NEW QUESTION 16
What is the purpose of the Unit 42 team?
- A. Unit 42 is responsible for threat research, malware analysis and threat hunting
- B. Unit 42 is responsible for the configuration optimization of the Cortex XDR server
- C. Unit 42 is responsible for automation and orchestration of products
- D. Unit 42 is responsible for the rapid deployment of Cortex XDR agents
Answer: A
NEW QUESTION 17
With a Cortex XDR Prevent license, which objects are considered to be sensors?
- A. Third-Party security devices
- B. Syslog servers
- C. Cortex XDR agents
- D. Palo Alto Networks Next-Generation Firewalls
Answer: C
NEW QUESTION 18
As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?
- A. Enable DLL Protection on all servers but there might be some false positives.
- B. Create IOCs of the malicious files you have found to prevent their execution.
- C. Create Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.
- D. Enable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.
Answer: C
NEW QUESTION 19
When creating a BIOC rule, which XQL query can be used?
- A. dataset = xdr_data
  | filter event_type = PROCESS and
  event_sub_type = PROCESS_START and
  action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
- B. dataset = xdr_data
  | filter action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
  | fields action_process_image
- C. dataset = xdr_data
  | filter event_behavior = true
  event_sub_type = PROCESS_START and
  action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
- D. dataset = xdr_data
  | filter event_sub_type = PROCESS_START and
  action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
Answer: A
NEW QUESTION 20
When viewing the incident directly, what is the "assigned to" field value of a new Incident that was just reported to Cortex?
- A. Unassigned
- B. It is blank
- C. New
- D. Pending
Answer: C
NEW QUESTION 21
Which type of BIOC rule is currently available in Cortex XDR?
- A. Discovery
- B. Dropper
- C. Network
- D. Threat Actor
Answer: B
NEW QUESTION 22
Which statement is true for Application Exploits and Kernel Exploits?
- A. The ultimate goal of any exploit is to reach the kernel.
- B. Application exploits leverage kernel vulnerability.
- C. Kernel exploits are easier to prevent than application exploits.
- D. The ultimate goal of any exploit is to reach the application.
Answer: D
NEW QUESTION 23
In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the signer?
- A. In the Restrictions Profile, add the file name and path to the Executable Files allow list.
- B. Create a new rule exception and use the signer as the characteristic.
- C. Add the signer to the allow list under the action center page.
- D. Add the signer to the allow list in the malware profile.
Answer: D
NEW QUESTION 24
What kind of threat typically encrypts user files?
- A. SQL injection attacks
- B. Zero-day exploits
- C. supply-chain attacks
- D. ransomware
Answer: D
NEW QUESTION 25
After a scan, how does the file quarantine function work on an endpoint?
- A. Quarantine prevents an endpoint from communicating with anything besides the listed exceptions in the agent profile and Cortex XDR.
- B. Quarantine removes a specific file from its location on a local or removable drive to a protected folder and prevents it from being executed.
- C. Quarantine takes ownership of the files and folders and prevents execution through access control.
- D. Quarantine disables the network adapters and locks down access preventing any communications with the endpoint.
Answer: B
NEW QUESTION 26
Which module provides the best visibility to view vulnerabilities?
- A. Device Control Violations module
- B. Host Insights module
- C. Live Terminal module
- D. Forensics module
Answer: B
Authentic Best resources for PCDRA Online Practice Exam: https://www.actualtestsit.com/Palo-Alto-Networks/PCDRA-exam-prep-dumps.html
Updates Up to 365 days On Developing PCDRA Braindumps: https://drive.google.com/open?id=1-dOj94UUBmHSZxnz2nIQmn4_VIq7vrvl