Palo Alto Networks PCDRA - Palo Alto Networks Certified Detection and Remediation Analyst Exam
Total 96 questions
Question #6 (Topic: Exam A)
What license would be required for ingesting external logs from various vendors?
A. Cortex XDR Pro per Endpoint
B. Cortex XDR Vendor Agnostic Pro
C. Cortex XDR Pro per TB
D. Cortex XDR Cloud per Host
Answer: C
Question #7 (Topic: Exam A)
An attacker tries to load dynamic libraries on macOS from an unsecure location. Which Cortex XDR module can prevent this attack?
A. DDL Security
B. Hot Patch Protection
C. Kernel Integrity Monitor (KIM)
D. Dylib Hijacking
Answer: D
Question #8 (Topic: Exam A)
What is the purpose of the Unit 42 team?
A. Unit 42 is responsible for automation and orchestration of products
B. Unit 42 is responsible for the configuration optimization of the Cortex XDR server
C. Unit 42 is responsible for threat research, malware analysis and threat hunting
D. Unit 42 is responsible for the rapid deployment of Cortex XDR agents
Answer: C
Question #9 (Topic: Exam A)
Which type of IOC can you define in Cortex XDR?
A. destination port
B. e-mail address
C. full path
D. App-ID
Answer: C
Question #10 (Topic: Exam A)
When viewing the incident directly, what is the “assigned to” field value of a new incident that was just reported to Cortex?
A. Pending
B. It is blank
C. Unassigned
D. New
Answer: C