Exam Details

  • Exam Code: PCDRA
  • Exam Name: Palo Alto Networks Certified Detection and Remediation Analyst
  • Certification: Palo Alto Networks Certification
  • Vendor: Palo Alto Networks
  • Total Questions: 91 Q&As
  • Last Updated: May 11, 2024

Palo Alto Networks Palo Alto Networks Certification PCDRA Questions & Answers

  • Question 11:

    Which two types of exception profiles can you create in Cortex XDR? (Choose two.)

    A. exception profiles that apply to specific endpoints

    B. agent exception profiles that apply to specific endpoints

    C. global exception profiles that apply to all endpoints

    D. role-based profiles that apply to specific endpoints

  • Question 12:

    Which profiles can the user use to configure malware protection in the Cortex XDR console?

    A. Malware Protection profile

    B. Malware profile

    C. Malware Detection profile

    D. Anti-Malware profile

  • Question 13:

    Which module provides the best visibility to view vulnerabilities?

    A. Live Terminal module

    B. Device Control Violations module

    C. Host Insights module

    D. Forensics module

  • Question 14:

    Which of the following is NOT a precanned script provided by Palo Alto Networks?

    A. delete_file

    B. quarantine_file

    C. process_kill_name

    D. list_directories

  • Question 15:

    Live Terminal uses which type of protocol to communicate with the agent on the endpoint?

    A. NetBIOS over TCP

    B. WebSocket

    C. UDP and a random port

    D. TCP, over port 80

  • Question 16:

    You can star security events in which two ways? (Choose two.)

    A. Create an alert-starring configuration.

    B. Create an Incident-starring configuration.

    C. Manually star an alert.

    D. Manually star an Incident.

  • Question 17:

    Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?

    A. Find the Malware profile attached to the endpoint, under Portable Executable and DLL Examination add the hash to the allow list.

    B. From the rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.

    C. Find the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.

    D. In the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.

  • Question 18:

    Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?

    A. Hash Verdict Determination

    B. Behavioral Threat Protection

    C. Restriction Policy

    D. Child Process Protection

  • Question 19:

    While working the alerts involved in a Cortex XDR incident, an analyst has found that every alert in this incident requires an exclusion. What will the Cortex XDR console automatically do to this incident if all alerts contained have exclusions?

    A. mark the incident as Unresolved

    B. create a BIOC rule excluding this behavior

    C. create an exception to prevent future false positives

    D. mark the incident as Resolved - False Positive

  • Question 20:

    Network attacks follow predictable patterns. If you interfere with any portion of this pattern, the attack will be neutralized. Which of the following statements is correct?

    A. Cortex XDR Analytics allows you to interfere with the pattern as soon as it is observed on the firewall.

    B. Cortex XDR Analytics does not interfere with the pattern as soon as it is observed on the endpoint.

    C. Cortex XDR Analytics does not have to interfere with the pattern as soon as it is observed on the endpoint in order to prevent the attack.

    D. Cortex XDR Analytics allows you to interfere with the pattern as soon as it is observed on the endpoint.
