Exam Details

  • Exam Code: PCDRA
  • Exam Name: Palo Alto Networks Certified Detection and Remediation Analyst
  • Certification: Palo Alto Networks Certification
  • Vendor: Palo Alto Networks
  • Total Questions: 91 Q&As
  • Last Updated: May 11, 2024

Palo Alto Networks Certification PCDRA Questions & Answers

  • Question 51:

    When viewing the incident directly, what is the "assigned to" field value of a new Incident that was just reported to Cortex?

    A. Pending

    B. It is blank

    C. Unassigned

    D. New

  • Question 52:

    What is the purpose of the Unit 42 team?

    A. Unit 42 is responsible for automation and orchestration of products

    B. Unit 42 is responsible for the configuration optimization of the Cortex XDR server

    C. Unit 42 is responsible for threat research, malware analysis and threat hunting

    D. Unit 42 is responsible for the rapid deployment of Cortex XDR agents

  • Question 53:

    What license would be required for ingesting external logs from various vendors?

    A. Cortex XDR Pro per Endpoint

    B. Cortex XDR Vendor Agnostic Pro

    C. Cortex XDR Pro per TB

    D. Cortex XDR Cloud per Host

  • Question 54:

    An attacker tries to load dynamic libraries on macOS from an unsecure location. Which Cortex XDR module can prevent this attack?

    A. DDL Security

    B. Hot Patch Protection

    C. Kernel Integrity Monitor (KIM)

    D. Dylib Hijacking

  • Question 55:

    When creating a custom XQL query in a dashboard, how would a user save that XQL query to the Widget Library?

    A. Click the three dots on the widget and then choose "Save" and this will link the query to the Widget Library.

    B. This isn't supported, you have to exit the dashboard and go into the Widget Library first to create it.

    C. Click on "Save to Action Center" in the dashboard and you will be prompted to give the query a name and description.

    D. Click on "Save to Widget Library" in the dashboard and you will be prompted to give the query a name and description.

  • Question 56:

    What are two purposes of "Respond to Malicious Causality Chains" in a Cortex XDR Windows Malware profile? (Choose two.)

    A. Automatically close the connections involved in malicious traffic.

    B. Automatically kill the processes involved in malicious activity.

    C. Automatically terminate the threads involved in malicious activity.

    D. Automatically block the IP addresses involved in malicious traffic.

  • Question 57:

    Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?

    A. Security Manager Dashboard

    B. Data Ingestion Dashboard

    C. Security Admin Dashboard

    D. Incident Management Dashboard

  • Question 58:

    Phishing belongs to which of the following MITRE ATT&CK tactics?

    A. Initial Access, Persistence

    B. Persistence, Command and Control

    C. Reconnaissance, Persistence

    D. Reconnaissance, Initial Access

  • Question 59:

    When creating a BIOC rule, which XQL query can be used?

    A. dataset = xdr_data | filter event_sub_type = PROCESS_START and action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"

    B. dataset = xdr_data | filter event_type = PROCESS and event_sub_type = PROCESS_START and action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"

    C. dataset = xdr_data | filter action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe" | fields action_process_image

    D. dataset = xdr_data | filter event_behavior = true event_sub_type = PROCESS_START and action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
