Are you preparing for Palo Alto Networks PCDRA exam? We just cracked the latest Palo Alto Networks Certified Detection and Remediation Analyst PCDRA real exam questions, which are useful in your preparation. The PCDRA certification validates that engineers possess the in-depth skills and knowledge to develop playbooks, manage incidents, create automations and integrations and demonstrate the highest standard of deployment methodology and operational best practices associated with Palo Alto Networks Cortex XDR. All the related PCDRA exam information is shared below.
Study Palo Alto Networks PCDRA exam information is a first step for you to understand the test.
Number of items: 60-75
Format: Multiple choice, Scenarios with Graphics, and Matching
Language: English
Total Seat Time: 90 minutes (Time for reviewing Palo Alto Networks Exam Security Policy: 5 minutes, and 5 minutes for Survey)
Time for Exam Items: 80 minutes
Palo Alto Networks Certified Detection and Remediation Analyst PCDRA exam topics cover the following details.
Palo Alto Networks PCDRA real exam questions are the best preparation material for you to study all the above Palo Alto Networks Certified Detection and Remediation Analyst PCDRA exam topics. Share some Palo Alto Networks PCDRA real exam questions and answers below.
1.You can star security events in which two ways? (Choose two.)
A. Create an alert-starring configuration.
B. Manually star an Incident.
C. Manually star an alert.
D. Create an Incident-starring configuration.
Answer: BD
2.When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?
A. Machine Remediation
B. Remediation Suggestions
C. Automatic Remediation
D. Remediation Automation
Answer: B
3.Which module provides the best visibility to view vulnerabilities?
A. Host Insights module
B. Forensics module
C. Live Terminal module
D. Device Control Violations module
Answer: A
4.As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?
A. Create Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.
B. Create IOCs of the malicious files you have found to prevent their execution.
C. Enable DLL Protection on all servers but there might be some false positives.
D. Enable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.
Answer: A
5.When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)
A. Investigate several Incidents at once.
B. Change the status of multiple incidents.
C. Assign incidents to an analyst in bulk.
D. Delete the selected Incidents.
Answer: BC
