Question 1

What is the function of WildFire for Cortex XDR?

AWildFire runs in the cloud and analyses alert data from the XDR agent to check for behavioural threats.

BWildFire is the engine that runs on the local agent and determines whether behavioural threats are occurring on the endpoint.

CWildFire accepts and analyses a sample to provide a verdict.

DWildFire runs entirely on the agent to quickly analyse samples and provide a verdict.

Answer : C

Question 2

A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?

AManually remediate the problem on the endpoint in question.

BOpen X2go from the Cortex XDR console and delete the file via X2go.

CInitiate Remediate Suggestions to automatically delete the file.

DOpen an NFS connection from the Cortex XDR console and delete the file.

Answer : A

Question 3

Which of the following best defines the Windows Registry as used by the Cortex XDR agent?

Aa hierarchical database that stores settings for the operating system and for applications

Ba system of files used by the operating system to commit memory that exceeds the available hardware resources. Also known as the ''swap''

Ca central system, available via the internet, for registering officially licensed versions of software to prove ownership

Da ledger for maintaining accurate and up-to-date information on total disk usage and disk space remaining available to the operating system

Answer : A

Question 4

Which statement best describes how Behavioral Threat Protection (BTP) works?

ABTP injects into known vulnerable processes to detect malicious activity.

BBTP runs on the Cortex XDR and distributes behavioral signatures to all agents.

CBTP matches EDR data with rules provided by Cortex XDR.

DBTP uses machine Learning to recognize malicious activity even if it is not known.

Answer : D

Question 5

Which of the following policy exceptions applies to the following description?

'An exception allowing specific PHP files'

ASupport exception

BLocal file threat examination exception

CBehavioral threat protection rule exception

DProcess exception

Answer : B

Free Palo Alto Networks Certified Detection and Remediation Analyst Questions for Palo Alto Networks Certified Detection and Remediation Analyst Exam as PDF & Practice Test Software

Question 1

Question 2

Question 3

Question 4

Question 5