최신 PCDRA 무료덤프 - Palo Alto Networks Certified Detection and Remediation Analyst

문제1

Which type of IOC can you define in Cortex XDR?

A. Source port

B. Destination IPAddress: Destination

C. Source IP Address

D. Destination IP Address

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which statement is true based on the following Agent Auto Upgrade widget?

A. Agent Auto Upgrade has not been enabled.

B. Agent Auto Upgrade was enabled but not on all endpoints.

C. There are a total of 689 Up To Date agents.

D. There are more agents in Pending status than In Progress status.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the singer?

A. In the Restrictions Profile, add the file name and path to the Executable Files allow list.

B. Add the signer to the allow list under the action center page.

C. Add the signer to the allow list in the malware profile.

D. Create a new rule exception and use the singer as the characteristic.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

What license would be required for ingesting external logs from various vendors?

A. Cortex XDR Cloud per Host

B. Cortex XDR Pro per Endpoint

C. Cortex XDR Vendor Agnostic Pro

D. Cortex XDR Pro per TB

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Which engine, of the following, in Cortex XDR determines the most relevant artifacts in each alert and aggregates all alerts related to an event into an incident?

A. Log Stitching Engine

B. Causality Analysis Engine

C. Sensor Engine

D. Causality Chain Engine

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?

A. Find the Malware profile attached to the endpoint, Under Portable Executable and DLL Examination add the hash to the allow list.

B. From the rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.

C. In the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.

D. Find the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?

A. Machine Remediation

B. Automatic Remediation

C. Remediation Automation

D. Remediation Suggestions

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which two types of exception profiles you can create in Cortex XDR? (Choose two.)

A. agent exception profiles that apply to specific endpoints

B. role-based profiles that apply to specific endpoints

C. exception profiles that apply to specific endpoints

D. global exception profiles that apply to all endpoints

정답: A,D

설명: (DumpTOP 회원만 볼 수 있음)

문제9

If you have an isolated network that is prevented from connecting to the Cortex Data Lake, which type of Broker VM setup can you use to facilitate the communication?

A. Local Agent Proxy

B. Broker VM Syslog Collector

C. Broker VM Pathfinder

D. Local Agent Installer and Content Caching

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 PCDRA 무료덤프 - Palo Alto Networks Certified Detection and Remediation Analyst

우리와 연락하기

유용한 링크

최신 업데이트