Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Paloalto Networks
  3. Palo Alto Certifications and Accreditations
  4. PCDRA - Palo Alto Networks Certified Detection and Remediation Analyst

Paloalto Networks PCDRA Palo Alto Networks Certified Detection and Remediation Analyst Exam Practice Test

Demo: 9 questions
Total 91 questions
Get PCDRA Full Access Download PCDRA PDF

Palo Alto Networks Certified Detection and Remediation Analyst Questions and Answers

Question 1

What is the purpose of the Unit 42 team?

Options:

A.

Unit 42 is responsible for automation and orchestration of products

B.

Unit 42 is responsible for theconfiguration optimization of the Cortex XDR server

C.

Unit 42 is responsible for threat research, malware analysis and threat hunting

D.

Unit 42 is responsible for the rapid deployment of Cortex XDR agents

Question 2

Which statement best describes how Behavioral Threat Protection (BTP) works?

Options:

A.

BTP injects into known vulnerable processes to detect malicious activity.

B.

BTP runs on the Cortex XDR and distributes behavioral signatures to all agents.

C.

BTP matches EDR data with rules provided by Cortex XDR.

D.

BTP uses machine Learning to recognize malicious activity even if it is not known.

Question 3

What is the outcome of creating and implementing an alert exclusion?

Options:

A.

The Cortex XDR agent will allow the process that was blocked to run on the endpoint.

B.

The Cortex XDR console will hide those alerts.

C.

The Cortex XDR agent will not create an alert for this event in the future.

D.

The Cortex XDR console will delete those alerts and block ingestion of them in the future.

Question 4

When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)

Options:

A.

Assign incidents to an analyst in bulk.

B.

Change the status of multiple incidents.

C.

Investigate several Incidents at once.

D.

Delete the selected Incidents.

Question 5

Where can SHA256 hash values be used in Cortex XDR Malware Protection Profiles?

Options:

A.

in the macOS Malware Protection Profile to indicate allowed signers

B.

in the Linux Malware Protection Profile to indicate allowed Java libraries

C.

SHA256 hashes cannot be used in Cortex XDR Malware Protection Profiles

D.

in the Windows Malware Protection Profile to indicate allowed executables

Question 6

A file is identified as malware by the Local Analysis module whereas WildFire verdict is Benign, Assuming WildFire is accurate. Which statement is correct for the incident?

Options:

A.

It is true positive.

B.

It is false positive.

C.

It is a false negative.

D.

It is true negative.

Question 7

Which statement is true for Application Exploits and Kernel Exploits?

Options:

A.

The ultimate goal of any exploit is to reach the application.

B.

Kernel exploits are easier to prevent then application exploits.

C.

The ultimate goal of any exploit is to reach the kernel.

D.

Application exploits leverage kernel vulnerability.

Question 8

When viewing the incident directly, what is the “assigned to” field value of a new Incident that was just reported to Cortex?

Options:

A.

Pending

B.

It is blank

C.

Unassigned

D.

New

Question 9

When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?

Options:

A.

Remediation Automation

B.

Machine Remediation

C.

Automatic Remediation

D.

Remediation Suggestions

Load More PCDRA Questions
Demo: 9 questions
Total 91 questions
Get PCDRA Full Access Download PCDRA PDF