PCDRA by Palo Alto Networks Valid Free Exam Practice Test

Question 1

What is the Wildfire analysis file size limit for Windows PE files?

A. 1GB B. 100MB C. No Limit D. 500MB

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 2

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?

A. Child Process Protection B. Hash Verdict Determination C. Behavioral Threat Protection D. Restriction Policy

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 3

Which statement best describes how Behavioral Threat Protection (BTP) works?

A. BTP uses machine Learning to recognize malicious activity even if it is not known. B. BTP matches EDR data with rules provided by Cortex XDR. C. BTP injects into known vulnerable processes to detect malicious activity. D. BTP runs on the Cortex XDR and distributes behavioral signatures to all agents.

Correct Answer: A

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 4

What functionality of the Broker VM would you use to ingest third-party firewall logs to the Cortex Data Lake?

A. Syslog Collector B. Netflow Collector C. Pathfinder D. DB Collector

Correct Answer: A

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 5

In the deployment of which Broker VM applet are you required to install a strong cipher SHA256-based SSL certificate?

A. Syslog Collector B. Agent Installer and Content Caching C. CSV Collector D. Agent Proxy

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 6

Live Terminal uses which type of protocol to communicate with the agent on the endpoint?

A. TCP, over port 80 B. UDP and a random port C. WebSocket D. NetBIOS over TCP

Correct Answer: C

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 7

What license would be required for ingesting external logs from various vendors?

A. Cortex XDR Cloud per Host B. Cortex XDR Pro per TB C. Cortex XDR Vendor Agnostic Pro D. Cortex XDR Pro per Endpoint

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 8

What does the following output tell us?

A. Host shpapy_win10 had the most vulnerabilities. B. This is an actual output of the Top 10 hosts with the most malware. C. There is one low severity incident. D. There is one informational severity alert.

Correct Answer: B

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Question 9

In the Cortex XDR console, from which two pages are you able to manually perform the agent upgrade action?
(Choose two.)

A. Action Center B. Agent Installations C. Asset Management D. Endpoint Administration

Correct Answer: C,D

Explanation: Only visible for ExamsLabs members. You can sign-up / login (it's free).

Palo Alto Networks Certified Detection and Remediation Analyst - PCDRA Exam Practice Test