
PCDRA Online Practice Questions and Answers

Questions 4

Phishing belongs to which of the following MITRE ATT&CK tactics?

A. Initial Access, Persistence

B. Persistence, Command and Control

C. Reconnaissance, Persistence

D. Reconnaissance, Initial Access

Questions 5

What license would be required for ingesting external logs from various vendors?

A. Cortex XDR Pro per Endpoint

B. Cortex XDR Vendor Agnostic Pro

C. Cortex XDR Pro per TB

D. Cortex XDR Cloud per Host

Questions 6

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?

A. Hash Verdict Determination

B. Behavioral Threat Protection

C. Restriction Policy

D. Child Process Protection

Questions 7

Network attacks follow predictable patterns. If you interfere with any portion of this pattern, the attack will be neutralized. Which of the following statements is correct?

A. Cortex XDR Analytics allows you to interfere with the pattern as soon as it is observed on the firewall.

B. Cortex XDR Analytics does not interfere with the pattern as soon as it is observed on the endpoint.

C. Cortex XDR Analytics does not have to interfere with the pattern as soon as it is observed on the endpoint in order to prevent the attack.

D. Cortex XDR Analytics allows you to interfere with the pattern as soon as it is observed on the endpoint.

Questions 8

Live Terminal uses which type of protocol to communicate with the agent on the endpoint?

A. NetBIOS over TCP

B. WebSocket

C. UDP and a random port

D. TCP, over port 80

Questions 9

Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?

A. Find the Malware profile attached to the endpoint, under Portable Executable and DLL Examination add the hash to the allow list.

B. From the rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.

C. Find the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.

D. In the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.

Questions 10

When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?

A. Remediation Automation

B. Machine Remediation

C. Automatic Remediation

D. Remediation Suggestions

Questions 11

A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?

A. Manually remediate the problem on the endpoint in question.

B. Open X2go from the Cortex XDR console and delete the file via X2go.

C. Initiate Remediate Suggestions to automatically delete the file.

D. Open an NFS connection from the Cortex XDR console and delete the file.

Exam Code: PCDRA
Exam Name: Palo Alto Networks Certified Detection and Remediation Analyst
Last Update: Apr 14, 2024
Questions: 91 Q&As
