Palo Alto Networks PCDRA Exam Actual Questions

The questions for PCDRA were last updated on Nov. 14, 2024.

Viewing page 1 out of 24 pages.
Viewing questions 1-4 out of 96 questions

Topic 1 - Exam A

Question #1 Topic 1

Phishing belongs which of the following MITRE ATT&CK tactics?

A. Initial Access, Persistence
B. Persistence, Command and Control
C. Reconnaissance, Persistence
D. Reconnaissance, Initial Access

Reveal Solution Discussion 1

Correct Answer: D 🗳️

Question #2 Topic 1

When creating a BIOC rule, which XQL query can be used?

A. dataset = xdr_data
| filter event_sub_type = PROCESS_START and
action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
B. dataset = xdr_data
| filter event_type = PROCESS and
event_sub_type = PROCESS_START and
action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
C. dataset = xdr_data
| filter action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
| fields action_process_image
D. dataset = xdr_data
| filter event_behavior = true
event_sub_type = PROCESS_START and
action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"

Reveal Solution Discussion 2

Correct Answer: B 🗳️

Question #3 Topic 1

Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?

A. Security Manager Dashboard
B. Data Ingestion Dashboard
C. Security Admin Dashboard
D. Incident Management Dashboard

Reveal Solution Discussion 7

Correct Answer: C 🗳️

Question #4 Topic 1

What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.)

A. Automatically close the connections involved in malicious traffic.
B. Automatically kill the processes involved in malicious activity.
C. Automatically terminate the threads involved in malicious activity.
D. Automatically block the IP addresses involved in malicious traffic.

Reveal Solution Discussion 7

Correct Answer: AD 🗳️