Question 1

When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)

AAssign incidents to an analyst in bulk.

BChange the status of multiple incidents.

CInvestigate several Incidents at once.

DDelete the selected Incidents.

Answer : A, B

Question 2

A file is identified as malware by the Local Analysis module whereas WildFire verdict is Benign, Assuming WildFire is accurate. Which statement is correct for the incident?

AIt is true positive.

BIt is false positive.

CIt is a false negative.

DIt is true negative.

Answer : B

Question 3

What is the outcome of creating and implementing an alert exclusion?

AThe Cortex XDR agent will allow the process that was blocked to run on the endpoint.

BThe Cortex XDR console will hide those alerts.

CThe Cortex XDR agent will not create an alert for this event in the future.

DThe Cortex XDR console will delete those alerts and block ingestion of them in the future.

Answer : B

Question 4

Which two types of exception profiles you can create in Cortex XDR? (Choose two.)

Aexception profiles that apply to specific endpoints

Bagent exception profiles that apply to specific endpoints

Cglobal exception profiles that apply to all endpoints

Drole-based profiles that apply to specific endpoints

Answer : A, C

Question 5

Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?

AFind the Malware profile attached to the endpoint, Under Portable Executable and DLL Examination add the hash to the allow list.

BFrom the rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.

CFind the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.

DIn the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.

Answer : B

Free Palo Alto Networks Certified Detection and Remediation Analyst Questions for Palo Alto Networks Certified Detection and Remediation Analyst Exam as PDF & Practice Test Software

Question 1

Question 2

Question 3

Question 4

Question 5