2022 PCDRA dumps review - Professional Quiz Study Materials
NEW QUESTION 25
Network attacks follow predictable patterns. If you interfere with any portion of this pattern, the attack will be neutralized. Which of the following statements is correct?
- A. Cortex XDR Analytics allows you to interfere with the pattern as soon as it is observed on the endpoint.
- B. Cortex XDR Analytics allows you to interfere with the pattern as soon as it is observed on the firewall.
- C. Cortex XDR Analytics does not interfere with the pattern as soon as it is observed on the endpoint.
- D. Cortex XDR Analytics does not have to interfere with the pattern as soon as it is observed on the endpoint in order to prevent the attack.
Answer: B
NEW QUESTION 26
What kind of threat typically encrypts user files?
- A. ransomware
- B. Zero-day exploits
- C. supply-chain attacks
- D. SQL injection attacks
Answer: A
NEW QUESTION 27
What license would be required for ingesting external logs from various vendors?
- A. Cortex XDR Pro per TB
- B. Cortex XDR Vendor Agnostic Pro
- C. Cortex XDR Cloud per Host
- D. Cortex XDR Pro per Endpoint
Answer: A
NEW QUESTION 28
When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?
- A. Remediation Automation
- B. Machine Remediation
- C. Automatic Remediation
- D. Remediation Suggestions
Answer: D
NEW QUESTION 29
Which license is required when deploying Cortex XDR agent on Kubernetes Clusters as a DaemonSet?
- A. Cortex XDR Cloud per Host
- B. Cortex XDR Pro per TB
- C. Host Insights
- D. Cortex XDR Pro per Endpoint
Answer: A
NEW QUESTION 30
What does the following output tell us?
- A. Host shpapy_win10 had the most vulnerabilities.
- B. There is one low severity incident.
- C. This is an actual output of the Top 10 hosts with the most malware.
- D. There is one informational severity alert.
Answer: C
NEW QUESTION 31
When viewing the incident directly, what is the "assigned to" field value of a new Incident that was just reported to Cortex?
- A. It is blank
- B. Pending
- C. New
- D. Unassigned
Answer: C
NEW QUESTION 32
When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)
- A. Investigate several Incidents at once.
- B. Assign incidents to an analyst in bulk.
- C. Delete the selected Incidents.
- D. Change the status of multiple incidents.
Answer: B,D
NEW QUESTION 33
Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?
- A. Security Manager Dashboard
- B. Data Ingestion Dashboard
- C. Incident Management Dashboard
- D. Security Admin Dashboard
Answer: A
NEW QUESTION 34
Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?
- A. From the rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.
- B. In the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.
- C. Find the Malware profile attached to the endpoint, Under Portable Executable and DLL Examination add the hash to the allow list.
- D. Find the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.
Answer: A
NEW QUESTION 35
Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CK™ techniques.
- A. Exfiltration, Command and Control, Collection
- B. Exfiltration, Command and Control, Privilege Escalation
- C. Exfiltration, Command and Control, Impact
- D. Exfiltration, Command and Control, Lateral Movement
Answer: D
NEW QUESTION 36
When is the wss (WebSocket Secure) protocol used?
- A. when the Cortex XDR agent establishes a bidirectional communication channel
- B. when the Cortex XDR agent downloads new security content
- C. when the Cortex XDR agent connects to WildFire to upload files for analysis
- D. when the Cortex XDR agent uploads alert data
Answer: A
NEW QUESTION 37
Which statement is true based on the following Agent Auto Upgrade widget?
- A. There are more agents in Pending status than In Progress status.
- B. Agent Auto Upgrade was enabled but not on all endpoints.
- C. Agent Auto Upgrade has not been enabled.
- D. There are a total of 689 Up To Date agents.
Answer: B
NEW QUESTION 38
When using the "File Search and Destroy" feature, which of the following search hash types is supported?
- A. SHA256 hash of the file
- B. AES256 hash of the file
- C. SHA1 hash of the file
- D. MD5 hash of the file
Answer: A
NEW QUESTION 39
In incident-related widgets, how would you filter the display to only show incidents that were "starred"?
- A. Create a custom XQL widget
- B. Create a custom report and filter on starred incidents
- C. Click the star in the widget
- D. This is not currently supported
Answer: C