Exam Details

  • Exam Code: PCDRA
  • Exam Name: Palo Alto Networks Certified Detection and Remediation Analyst
  • Certification: Palo Alto Networks Certification
  • Vendor: Palo Alto Networks
  • Total Questions: 91 Q&As
  • Last Updated:

Palo Alto Networks Certification PCDRA Questions & Answers

  • Question 1:

    A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?

    A. Manually remediate the problem on the endpoint in question.

    B. Open X2go from the Cortex XDR console and delete the file via X2go.

    C. Initiate Remediate Suggestions to automatically delete the file.

    D. Open an NFS connection from the Cortex XDR console and delete the file.

  • Question 2:

    Which of the following best defines the Windows Registry as used by the Cortex XDR agent?

    A. a hierarchical database that stores settings for the operating system and for applications

    B. a system of files used by the operating system to commit memory that exceeds the available hardware resources. Also known as the "swap"

    C. a central system, available via the internet, for registering officially licensed versions of software to prove ownership

    D. a ledger for maintaining accurate and up-to-date information on total disk usage and disk space remaining available to the operating system

  • Question 3:

    Which statement best describes how Behavioral Threat Protection (BTP) works?

    A. BTP injects into known vulnerable processes to detect malicious activity.

    B. BTP runs on the Cortex XDR and distributes behavioral signatures to all agents.

    C. BTP matches EDR data with rules provided by Cortex XDR.

    D. BTP uses machine learning to recognize malicious activity even if it is not known.

  • Question 4:

    A. Enable DLL Protection on all endpoints but there might be some false positives.

    B. Create Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.

    C. No step is required because Cortex shares IOCs with our fellow Cyber Threat Alliance members.

    D. No step is required because the malicious document is already stopped.

  • Question 5:

    When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?

    A. Remediation Automation

    B. Machine Remediation

    C. Automatic Remediation

    D. Remediation Suggestions

  • Question 6:

    What is the purpose of the Cortex Data Lake?

    A. a local storage facility where your logs and alert data can be aggregated

    B. a cloud-based storage facility where your firewall logs are stored

    C. the interface between firewalls and the Cortex XDR agents

    D. the workspace for your Cortex XDR agents to detonate potential malware files

  • Question 7:

    When creating a scheduled report, which of the following is not an option?

    A. Run weekly on a certain day and time.

    B. Run quarterly on a certain day and time.

    C. Run monthly on a certain day and time.

    D. Run daily at a certain time (selectable hours and minutes).

  • Question 8:

    Which statement regarding scripts in Cortex XDR is true?

    A. Any version of Python script can be run.

    B. The level of risk is assigned to the script upon import.

    C. Any script can be imported including Visual Basic (VB) scripts.

    D. The script is run on the machine uploading the script to ensure that it is operational.

  • Question 9:

    What is the function of WildFire for Cortex XDR?

    A. WildFire runs in the cloud and analyses alert data from the XDR agent to check for behavioural threats.

    B. WildFire is the engine that runs on the local agent and determines whether behavioural threats are occurring on the endpoint.

    C. WildFire accepts and analyses a sample to provide a verdict.

    D. WildFire runs entirely on the agent to quickly analyse samples and provide a verdict.

  • Question 10:

    After a scan, how does the file quarantine function work on an endpoint?

    A. Quarantine takes ownership of the files and folders and prevents execution through access control.

    B. Quarantine disables the network adapters and locks down access preventing any communications with the endpoint.

    C. Quarantine removes a specific file from its location on a local or removable drive to a protected folder and prevents it from being executed.

    D. Quarantine prevents an endpoint from communicating with anything besides the listed exceptions in the agent profile and Cortex XDR.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only Palo Alto Networks exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your PCDRA exam preparation and Palo Alto Networks certification application, do not hesitate to visit Vcedump.com to find your solutions.