This page was exported from Exams Labs Braindumps [ http://blog.examslabs.com ]
Export date: Thu Nov 7 7:27:07 2024 / +0000 GMT

[Apr-2022] PCDRA Dumps PDF - PCDRA Real Exam Questions Answers [Q34-Q51]




[Apr-2022] PCDRA Dumps PDF - PCDRA Real Exam Questions Answers

PCDRA Dumps 100% Pass Guarantee With Latest Demo


Palo Alto Networks PCDRA Exam Syllabus Topics:

TopicDetails
Topic 1
  • Describe how to use the Broker as a proxy between the agents and XDR in the Cloud
  • Describe details of the ingestion methods
Topic 2
  • Identify the connection of analytic detection capabilities to MITRE
  • List the options to highlight or suppress incidents
Topic 3
  • Outline how Cortex XDR ingests other non-Palo Alto Networks data sources
  • Describe how to use the Broker to activate Pathfinder
Topic 4
  • Identify common investigation screens and processes
  • Describe what actions can be performed using the live terminal
Topic 5
  • Identify legitimate threats (true positives) vs. illegitimate threats (false positives)
  • Outline incident collaboration and management using XDR
Topic 6
  • Characterize the differences between incidents and alerts
  • Identify the investigation capabilities of Cortex XDR
Topic 7
  • Define communication options
  • channels to and from the client
  • Distinguish between different proxies
Topic 8
  • Describe how to use XDR to prevent supply chain attacks
  • Categorize the types and structures of vulnerabilities
Topic 9
  • Outline distributing and scheduling capabilities of Cortex XDR
  • Identify the information needed for a given audience
Topic 10
  • Define product modules that help identify threats
  • Summarize the generally available references for vulnerabilities
Topic 11
  • Distinguish between automatic vs. manual remediations
  • Describe how to fix false positives
  • Describe basic remediation
Topic 12
  • Characterize the differences between application protection and kernel protection
  • Characterize the differences between malware and exploits
Topic 13
  • Identify the use of malware prevention modules (MPMs)
  • Identify the profiles that must be configured for malware prevention
Topic 14
  • Explain the purpose and use of the query builder technique
  • Explain the purpose and use of the IOC technique

 

NO.34 With a Cortex XDR Prevent license, which objects are considered to be sensors?

 
 
 
 

NO.35 As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to open a malicious Word document. You learn from the WildFire report and AutoFocus that this document is known to have been used in Phishing campaigns since 2018. What steps can you take to ensure that the same document is not opened by other users in your organization protected by the Cortex XDR agent?

 
 
 
 

NO.36 What is the outcome of creating and implementing an alert exclusion?

 
 
 
 

NO.37 What functionality of the Broker VM would you use to ingest third-party firewall logs to the Cortex Data Lake?

 
 
 
 

NO.38 Which of the following is an example of a successful exploit?

 
 
 
 

NO.39 What license would be required for ingesting external logs from various vendors?

 
 
 
 

NO.40 While working the alerts involved in a Cortex XDR incident, an analyst has found that every alert in this incident requires an exclusion. What will the Cortex XDR console automatically do to this incident if all alerts contained have exclusions?

 
 
 
 

NO.41 Which two types of exception profiles you can create in Cortex XDR? (Choose two.)

 
 
 
 

NO.42 Network attacks follow predictable patterns. If you interfere with any portion of this pattern, the attack will be neutralized. Which of the following statements is correct?

 
 
 
 

NO.43 When is the wss (WebSocket Secure) protocol used?

 
 
 
 

NO.44 Which Type of IOC can you define in Cortex XDR?

 
 
 
 

NO.45 Where can SHA256 hash values be used in Cortex XDR Malware Protection Profiles?

 
 
 
 

NO.46 Which of the following represents the correct relation of alerts to incidents?

 
 
 
 

NO.47 If you have an isolated network that is prevented from connecting to the Cortex Data Lake, which type of Broker VM setup can you use to facilitate the communication?

 
 
 
 

NO.48 When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)

 
 
 
 

NO.49 When creating a BIOC rule, which XQL query can be used?

 
 
 
 

NO.50 Which module provides the best visibility to view vulnerabilities?

 
 
 
 

NO.51 As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?

 
 
 
 

Dumps Real Palo Alto Networks PCDRA Exam Questions [Updated 2022]: https://www.examslabs.com/Palo-Alto-Networks/Palo-Alto-Certifications-and-Accreditations/best-PCDRA-exam-dumps.html
Post date: 2022-04-21 12:00:23
Post date GMT: 2022-04-21 12:00:23
Post modified date: 2022-04-21 12:00:23
Post modified date GMT: 2022-04-21 12:00:23