PCDRA Certification Exam Questions - Palo Alto Networks Certified Detection and Remediation Analyst

  Edina  03-08-2022

The PCDRA certification is the first-of-its-kind credential to cover foundational knowledge of industry-recognized cybersecurity and endpoint security concepts, as well as various cutting-edge advancements across all Palo Alto Networks technologies. The PassQuestion team collected PCDRA Certification Exam Questions from the real test to help you prepare for your test efficiently. The PCDRA Certification Exam Questions perfectly cover all real exam questions. You can pass your exam successfully with the latest PCDRA questions and answers. The only thing you have to do is study all the PCDRA Certification Exam Questions multiple times and take your Palo Alto Networks PCDRA exam confidently.

Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA)

The PCDRA certification is the first-of-its-kind credential to cover foundational knowledge of industry-recognized cybersecurity and endpoint security concepts, as well as various cutting-edge advancements across all Palo Alto Networks technologies. The PCDRA certification validates that engineers possess the in-depth skills and knowledge to develop playbooks, manage incidents, create automations and integrations, and demonstrate the highest standard of deployment methodology and operational best practices associated with Palo Alto Networks Cortex XDR.

Exam Details

● Certification Name: Palo Alto Networks Certified Detection and Remediation Analyst
● Exam Series: PCDRA
● Total Seat Time: 90 minutes
● Time for Exam Items: 80 minutes
● Number of items: 60-75
● Format: Multiple choice, Scenarios with Graphics, and Matching
● Language: English

Exam Objectives

Threats and Attacks 10%
Prevention and Detection 20%
Investigation 20%
Remediation 15%
Threat Hunting 10%
Reporting 10%
Architecture 15%

View Online Palo Alto Networks Certified Detection and Remediation Analyst PCDRA Free Questions

Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?
A. Find the Malware profile attached to the endpoint, under Portable Executable and DLL Examination add the hash to the allow list.
B. From the rules menu select new exception, fill out the criteria, choose the scope to apply it to, hit save.
C. Find the exceptions profile attached to the endpoint, under process exceptions select local analysis, paste the hash and save.
D. In the Action Center, choose Allow list, select new action, select add to allow list, add your hash to the list, and apply it.
Answer: B

You can star security events in which two ways? (Choose two.)
A. Create an alert-starring configuration.
B. Create an Incident-starring configuration.
C. Manually star an alert.
D. Manually star an Incident.
Answer: B, D

Live Terminal uses which type of protocol to communicate with the agent on the endpoint?
A. NetBIOS over TCP
B. WebSocket
C. UDP and a random port
D. TCP, over port 80
Answer: B

Which of the following is NOT a precanned script provided by Palo Alto Networks?
A. delete_file
B. quarantine_file
C. process_kill_name
D. list_directories
Answer: B

Which module provides the best visibility to view vulnerabilities?
A. Live Terminal module
B. Device Control Violations module
C. Host Insights module
D. Forensics module
Answer: C

Which profiles can the user use to configure malware protection in the Cortex XDR console?
A. Malware Protection profile
B. Malware profile
C. Malware Detection profile
D. Anti-Malware profile
Answer: B
