PCDRA Actual Exam Questions

Last updated on Dec. 10, 2024.
Exam Code: PCDRA
Exam Name: Palo Alto Networks Certified Detection and Remediation Analyst
Exam Questions: 96
 

Topic 1 - Exam A

Question #1 Topic 1

Phishing belongs to which of the following MITRE ATT&CK tactics?

  • A. Initial Access, Persistence
  • B. Persistence, Command and Control
  • C. Reconnaissance, Persistence
  • D. Reconnaissance, Initial Access

Correct Answer: D

Question #2 Topic 1

When creating a BIOC rule, which XQL query can be used?

  • A. dataset = xdr_data
    | filter event_sub_type = PROCESS_START and
    action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
  • B. dataset = xdr_data
    | filter event_type = PROCESS and
    event_sub_type = PROCESS_START and
    action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
  • C. dataset = xdr_data
    | filter action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
    | fields action_process_image
  • D. dataset = xdr_data
    | filter event_behavior = true
    event_sub_type = PROCESS_START and
    action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"

Correct Answer: B

Question #3 Topic 1

Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?

  • A. Security Manager Dashboard
  • B. Data Ingestion Dashboard
  • C. Security Admin Dashboard
  • D. Incident Management Dashboard

Correct Answer: C

Question #4 Topic 1

What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.)

  • A. Automatically close the connections involved in malicious traffic.
  • B. Automatically kill the processes involved in malicious activity.
  • C. Automatically terminate the threads involved in malicious activity.
  • D. Automatically block the IP addresses involved in malicious traffic.

Correct Answer: AD

Viewing page 1 out of 24 pages.
Viewing questions 1-4 out of 96 questions