ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCDRA All Questions

View all questions & answers for the PCDRA exam
Go to Exam

Exam PCDRA topic 1 question 91 discussion

Actual exam question from Palo Alto Networks's PCDRA
Question #: 91
Topic #: 1
[All PCDRA Questions]

Can you disable the ability to use the Live Terminal feature in Cortex XDR?

  • A. Yes, via Agent Settings Profile.
  • B. No, it is a required feature of the agent.
  • C. No, a separate installer package without Live Terminal is required.
  • D. Yes, via the Cortex XDR console or with an installation switch.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Chiquitabandita at March 24, 2024, 2:56 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
danups
4 months, 1 week ago
Selected Answer: D
If you want to prevent Cortex XSIAM from initiating Live Terminal remote sessions on an endpoint running the Cortex XDR agent, you can disable this capability during agent installation or later on through Cortex XSIAM Endpoint Administration.
upvoted 1 times
...
flummoxed_individual
5 months, 4 weeks ago
Selected Answer: D
D is also the most logical answer. A would mean the user could disable it which defeats the purpose
upvoted 1 times
...
Chiquitabandita
10 months ago
Selected Answer: D
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/7.7/Cortex-XDR-Agent-Administrator-Guide/Install-the-Cortex-XDR-Agent-Manually You can permanently disable the option for Cortex XDR to perform all, or a combination, of the following actions on endpoints running a Cortex XDR agent: initiate a Initiate a Live Terminal Session remote session on the endpoint, Run Scripts on an Endpoint on the endpoint, and Retrieve Files from an Endpoint from the endpoint to Cortex XDR. Disabling any of these payloads in the Config.xml file is an irreversible action, so if you later want to enable the action on the endpoint, you must uninstall your Cortex XDR agent and install a new agent with the corresponding values in the Config.xml file.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago