Palo Alto Networks PCDRA Free Practice Exam & Test Training

Phishing belongs which of the following MITRE ATT&CK tactics?

Answer : D

When creating a BIOC rule, which XQL query can be used?

A. dataset = xdr_data
| filter event_sub_type = PROCESS_START and
action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
B. dataset = xdr_data
| filter event_type = PROCESS and
event_sub_type = PROCESS_START and
action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
C. dataset = xdr_data
| filter action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"
| fields action_process_image
D. dataset = xdr_data
| filter event_behavior = true
event_sub_type = PROCESS_START and
action_process_image_name ~= ".*?\.(?:pdf|docx)\.exe"

Answer : B

Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?

Answer : C

What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.)

Answer : AD

When creating a custom XQL query in a dashboard, how would a user save that XQL query to the Widget Library?

A. Click the three dots on the widget and then choose “Save” and this will link the query to the Widget Library.
B. This isn’t supported, you have to exit the dashboard and go into the Widget Library first to create it.
C. Click on “Save to Action Center” in the dashboard and you will be prompted to give the query a name and description.
D. Click on “Save to Widget Library” in the dashboard and you will be prompted to give the query a name and description.

Answer : D

Palo Alto Networks PCDRA - Palo Alto Networks Certified Detection and Remediation Analyst Exam