{"id":37445,"date":"2022-03-22T03:45:37","date_gmt":"2022-03-22T03:45:37","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=37445"},"modified":"2022-03-22T03:45:41","modified_gmt":"2022-03-22T03:45:41","slug":"new-palo-alto-networks-certification-pcdra-dumps-2022-valid-pcdra-resource-for-preparation","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/new-palo-alto-networks-certification-pcdra-dumps-2022-valid-pcdra-resource-for-preparation.html","title":{"rendered":"New Palo Alto Networks Certification PCDRA Dumps [2022] Valid PCDRA Resource For Preparation"},"content":{"rendered":"\n<p>If you have new PCDRA dumps of DumpsBase, you can pass Palo Alto Networks Certified Detection and Remediation Analyst certification exam successfully. DumpsBase is one of the top platforms offering valid and reliable Palo Alto Networks PCDRA dumps in line with actual exam questions and answers. It will increase your confidence and decrease tension for you to take the real PCDRA exam and achieve successfully. To be a Palo Alto Networks Certified Detection and Remediation Analyst certified strengthens the professional career of candidates as DumpsBase new PCDRA dumps help to make foundations strong according to the demand of Palo Alto Networks.\u00a0<\/p>\n<h2>Read New Palo Alto Networks Certification <em><span style=\"background-color: #ffcc00;\">PCDRA Free Dumps<\/span><\/em> Below<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam6162\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-6162\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-6162\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-213690'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>While working the alerts involved in a Cortex XDR incident, an analyst has found that every alert in this incident requires an exclusion . <br \/>\r<br>What will the Cortex XDR console automatically do to this incident if all alerts contained have exclusions?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='213690' \/><input type='hidden' id='answerType213690' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213690[]' id='answer-id-851823' class='answer   answerof-213690 ' value='851823'   \/><label for='answer-id-851823' id='answer-label-851823' class=' answer'><span>mark the incident as Unresolved<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213690[]' id='answer-id-851824' class='answer   answerof-213690 ' value='851824'   \/><label for='answer-id-851824' id='answer-label-851824' class=' answer'><span>create a BIOC rule excluding this behavior<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213690[]' id='answer-id-851825' class='answer   answerof-213690 ' value='851825'   \/><label for='answer-id-851825' id='answer-label-851825' class=' answer'><span>create an exception to prevent future false positives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213690[]' id='answer-id-851826' class='answer   answerof-213690 ' value='851826'   \/><label for='answer-id-851826' id='answer-label-851826' class=' answer'><span>mark the incident as Resolved C False Positive<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-213691'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>To create a BIOC rule with XQL query you must at a minimum filter on which field inorder for it to be a valid BIOC rule?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='213691' \/><input type='hidden' id='answerType213691' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213691[]' id='answer-id-851827' class='answer   answerof-213691 ' value='851827'   \/><label for='answer-id-851827' id='answer-label-851827' class=' answer'><span>causality_chain<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213691[]' id='answer-id-851828' class='answer   answerof-213691 ' value='851828'   \/><label for='answer-id-851828' id='answer-label-851828' class=' answer'><span>endpoint_name<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213691[]' id='answer-id-851829' class='answer   answerof-213691 ' value='851829'   \/><label for='answer-id-851829' id='answer-label-851829' class=' answer'><span>threat_event<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213691[]' id='answer-id-851830' class='answer   answerof-213691 ' value='851830'   \/><label for='answer-id-851830' id='answer-label-851830' class=' answer'><span>event_type<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-213692'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>After scan, how does file quarantine function work on an endpoint?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='213692' \/><input type='hidden' id='answerType213692' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213692[]' id='answer-id-851831' class='answer   answerof-213692 ' value='851831'   \/><label for='answer-id-851831' id='answer-label-851831' class=' answer'><span>Quarantine takes ownership of the files and folders and prevents execution through access control.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213692[]' id='answer-id-851832' class='answer   answerof-213692 ' value='851832'   \/><label for='answer-id-851832' id='answer-label-851832' class=' answer'><span>Quarantine disables the network adapters and locks down access preventing any \r\ncommunications with the endpoint.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213692[]' id='answer-id-851833' class='answer   answerof-213692 ' value='851833'   \/><label for='answer-id-851833' id='answer-label-851833' class=' answer'><span>Quarantine removes a specific file from its location on a local or removable drive to a protected folder and prevents it from being executed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213692[]' id='answer-id-851834' class='answer   answerof-213692 ' value='851834'   \/><label for='answer-id-851834' id='answer-label-851834' class=' answer'><span>Quarantine prevents an endpoint from communicating with anything besides the listed exceptions in the agent profile and Cortex XD<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-213693'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>Which statement is true for Application Exploits and Kernel Exploits?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='213693' \/><input type='hidden' id='answerType213693' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213693[]' id='answer-id-851835' class='answer   answerof-213693 ' value='851835'   \/><label for='answer-id-851835' id='answer-label-851835' class=' answer'><span>The ultimate goal of any exploit is to reach the application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213693[]' id='answer-id-851836' class='answer   answerof-213693 ' value='851836'   \/><label for='answer-id-851836' id='answer-label-851836' class=' answer'><span>Kernel exploits are easier to prevent then application exploits.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213693[]' id='answer-id-851837' class='answer   answerof-213693 ' value='851837'   \/><label for='answer-id-851837' id='answer-label-851837' class=' answer'><span>The ultimate goal of any exploit is to reach the kernel.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213693[]' id='answer-id-851838' class='answer   answerof-213693 ' value='851838'   \/><label for='answer-id-851838' id='answer-label-851838' class=' answer'><span>Application exploits leverage kernel vulnerability.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-213694'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Which of the following best defines the Windows Registry as used by the Cortex XDRagent?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='213694' \/><input type='hidden' id='answerType213694' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213694[]' id='answer-id-851839' class='answer   answerof-213694 ' value='851839'   \/><label for='answer-id-851839' id='answer-label-851839' class=' answer'><span>a hierarchical database that stores settings for the operating system and for applications<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213694[]' id='answer-id-851840' class='answer   answerof-213694 ' value='851840'   \/><label for='answer-id-851840' id='answer-label-851840' class=' answer'><span>a system of files used by the operating system to commit memory that exceeds the available hardware resources. Also known as the \u201cswap\u201d<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213694[]' id='answer-id-851841' class='answer   answerof-213694 ' value='851841'   \/><label for='answer-id-851841' id='answer-label-851841' class=' answer'><span>a central system, available via the internet, for registering officially licensed versions of software to prove ownership<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213694[]' id='answer-id-851842' class='answer   answerof-213694 ' value='851842'   \/><label for='answer-id-851842' id='answer-label-851842' class=' answer'><span>a ledger for maintaining accurate and up-to-date information on total disk usage and disk space remaining available to the operating system<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-213695'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>What kind of the threat typically encrypts userfiles?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='213695' \/><input type='hidden' id='answerType213695' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213695[]' id='answer-id-851843' class='answer   answerof-213695 ' value='851843'   \/><label for='answer-id-851843' id='answer-label-851843' class=' answer'><span>ransomware<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213695[]' id='answer-id-851844' class='answer   answerof-213695 ' value='851844'   \/><label for='answer-id-851844' id='answer-label-851844' class=' answer'><span>SQL injection attacks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213695[]' id='answer-id-851845' class='answer   answerof-213695 ' value='851845'   \/><label for='answer-id-851845' id='answer-label-851845' class=' answer'><span>Zero-day exploits<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213695[]' id='answer-id-851846' class='answer   answerof-213695 ' value='851846'   \/><label for='answer-id-851846' id='answer-label-851846' class=' answer'><span>supply-chain attacks<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-213696'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>A file is identified as malware by the Local Analysis module whereas WildFire verdict is Benign, Assuming WildFire is accurate . <br \/>\r<br>Which statement is correct for the incident?<\/div><input type='hidden' name='question_id[]' id='qID_7' value='213696' \/><input type='hidden' id='answerType213696' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213696[]' id='answer-id-851847' class='answer   answerof-213696 ' value='851847'   \/><label for='answer-id-851847' id='answer-label-851847' class=' answer'><span>It is true positive.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213696[]' id='answer-id-851848' class='answer   answerof-213696 ' value='851848'   \/><label for='answer-id-851848' id='answer-label-851848' class=' answer'><span>It is false positive.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213696[]' id='answer-id-851849' class='answer   answerof-213696 ' value='851849'   \/><label for='answer-id-851849' id='answer-label-851849' class=' answer'><span>It is a false negative.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213696[]' id='answer-id-851850' class='answer   answerof-213696 ' value='851850'   \/><label for='answer-id-851850' id='answer-label-851850' class=' answer'><span>It is true negative.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-213697'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>LiveTerminal uses which type of protocol to communicate with the agent on the endpoint?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='213697' \/><input type='hidden' id='answerType213697' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213697[]' id='answer-id-851851' class='answer   answerof-213697 ' value='851851'   \/><label for='answer-id-851851' id='answer-label-851851' class=' answer'><span>NetBIOS over TCP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213697[]' id='answer-id-851852' class='answer   answerof-213697 ' value='851852'   \/><label for='answer-id-851852' id='answer-label-851852' class=' answer'><span>WebSocket<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213697[]' id='answer-id-851853' class='answer   answerof-213697 ' value='851853'   \/><label for='answer-id-851853' id='answer-label-851853' class=' answer'><span>UDP and a random port<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213697[]' id='answer-id-851854' class='answer   answerof-213697 ' value='851854'   \/><label for='answer-id-851854' id='answer-label-851854' class=' answer'><span>TCP, over port 80<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-213698'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>What are two purposes of \u201cRespond to Malicious Causality Chains\u201d in a Cortex XDR Windows Malware profile? (Choose two.)<\/div><input type='hidden' name='question_id[]' id='qID_9' value='213698' \/><input type='hidden' id='answerType213698' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213698[]' id='answer-id-851855' class='answer   answerof-213698 ' value='851855'   \/><label for='answer-id-851855' id='answer-label-851855' class=' answer'><span>Automatically close the connections involved in malicious traffic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213698[]' id='answer-id-851856' class='answer   answerof-213698 ' value='851856'   \/><label for='answer-id-851856' id='answer-label-851856' class=' answer'><span>Automatically kill the processes involved in malicious activity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213698[]' id='answer-id-851857' class='answer   answerof-213698 ' value='851857'   \/><label for='answer-id-851857' id='answer-label-851857' class=' answer'><span>Automatically terminate the threads involved in malicious activity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213698[]' id='answer-id-851858' class='answer   answerof-213698 ' value='851858'   \/><label for='answer-id-851858' id='answer-label-851858' class=' answer'><span>Automaticallyblock the IP addresses involved in malicious traffic.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-213699'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>Which of the following policy exceptions applies to the following description? <br \/>\r<br>\u2018An exception allowing specific PHP files\u2019<\/div><input type='hidden' name='question_id[]' id='qID_10' value='213699' \/><input type='hidden' id='answerType213699' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213699[]' id='answer-id-851859' class='answer   answerof-213699 ' value='851859'   \/><label for='answer-id-851859' id='answer-label-851859' class=' answer'><span>Support exception<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213699[]' id='answer-id-851860' class='answer   answerof-213699 ' value='851860'   \/><label for='answer-id-851860' id='answer-label-851860' class=' answer'><span>Local file threat examination exception<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213699[]' id='answer-id-851861' class='answer   answerof-213699 ' value='851861'   \/><label for='answer-id-851861' id='answer-label-851861' class=' answer'><span>Behavioral threat protection rule exception<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213699[]' id='answer-id-851862' class='answer   answerof-213699 ' value='851862'   \/><label for='answer-id-851862' id='answer-label-851862' class=' answer'><span>Process exception<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-213700'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='213700' \/><input type='hidden' id='answerType213700' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213700[]' id='answer-id-851863' class='answer   answerof-213700 ' value='851863'   \/><label for='answer-id-851863' id='answer-label-851863' class=' answer'><span>Security Manager Dashboard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213700[]' id='answer-id-851864' class='answer   answerof-213700 ' value='851864'   \/><label for='answer-id-851864' id='answer-label-851864' class=' answer'><span>Data Ingestion Dashboard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213700[]' id='answer-id-851865' class='answer   answerof-213700 ' value='851865'   \/><label for='answer-id-851865' id='answer-label-851865' class=' answer'><span>Security Admin Dashboard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213700[]' id='answer-id-851866' class='answer   answerof-213700 ' value='851866'   \/><label for='answer-id-851866' id='answer-label-851866' class=' answer'><span>Incident Management Dashboard<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-213701'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)<\/div><input type='hidden' name='question_id[]' id='qID_12' value='213701' \/><input type='hidden' id='answerType213701' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213701[]' id='answer-id-851867' class='answer   answerof-213701 ' value='851867'   \/><label for='answer-id-851867' id='answer-label-851867' class=' answer'><span>Assign incidents to an analyst in bulk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213701[]' id='answer-id-851868' class='answer   answerof-213701 ' value='851868'   \/><label for='answer-id-851868' id='answer-label-851868' class=' answer'><span>Change the status of multiple incidents.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213701[]' id='answer-id-851869' class='answer   answerof-213701 ' value='851869'   \/><label for='answer-id-851869' id='answer-label-851869' class=' answer'><span>Investigate several Incidents at once.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-213701[]' id='answer-id-851870' class='answer   answerof-213701 ' value='851870'   \/><label for='answer-id-851870' id='answer-label-851870' class=' answer'><span>Delete the selected Incidents.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-213702'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>Which of the following represents the correct relation of alerts to incidents?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='213702' \/><input type='hidden' id='answerType213702' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213702[]' id='answer-id-851871' class='answer   answerof-213702 ' value='851871'   \/><label for='answer-id-851871' id='answer-label-851871' class=' answer'><span>Only alerts with the same host are grouped together into one Incident in a given time frame.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213702[]' id='answer-id-851872' class='answer   answerof-213702 ' value='851872'   \/><label for='answer-id-851872' id='answer-label-851872' class=' answer'><span>Alerts that occur within a three hour time frame are grouped together into one Incident.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213702[]' id='answer-id-851873' class='answer   answerof-213702 ' value='851873'   \/><label for='answer-id-851873' id='answer-label-851873' class=' answer'><span>Alerts with same causality chains that occur within a given time frame are grouped together into an Incident.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213702[]' id='answer-id-851874' class='answer   answerof-213702 ' value='851874'   \/><label for='answer-id-851874' id='answer-label-851874' class=' answer'><span>Every alert creates a new Incident.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-213703'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>If you have an isolated network that is prevented from connecting to the Cortex Data Lake, which type of Broker VM setup can you use to facilitate the communication?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='213703' \/><input type='hidden' id='answerType213703' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213703[]' id='answer-id-851875' class='answer   answerof-213703 ' value='851875'   \/><label for='answer-id-851875' id='answer-label-851875' class=' answer'><span>Broker VM Pathfinder<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213703[]' id='answer-id-851876' class='answer   answerof-213703 ' value='851876'   \/><label for='answer-id-851876' id='answer-label-851876' class=' answer'><span>Local Agent Proxy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213703[]' id='answer-id-851877' class='answer   answerof-213703 ' value='851877'   \/><label for='answer-id-851877' id='answer-label-851877' class=' answer'><span>Local Agent Installer and Content Caching<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213703[]' id='answer-id-851878' class='answer   answerof-213703 ' value='851878'   \/><label for='answer-id-851878' id='answer-label-851878' class=' answer'><span>Broker VM Syslog Collector<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-213704'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>When creating a custom XQL query in a dashboard, how would a user save that XQL query to the Widget Library?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='213704' \/><input type='hidden' id='answerType213704' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213704[]' id='answer-id-851879' class='answer   answerof-213704 ' value='851879'   \/><label for='answer-id-851879' id='answer-label-851879' class=' answer'><span>Click the three dots on the widget andthen choose \u201cSave\u201d and this will link the query to the Widget Library.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213704[]' id='answer-id-851880' class='answer   answerof-213704 ' value='851880'   \/><label for='answer-id-851880' id='answer-label-851880' class=' answer'><span>This isn\u2019t supported, you have to exit the dashboard and go into the Widget Library first to create it.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213704[]' id='answer-id-851881' class='answer   answerof-213704 ' value='851881'   \/><label for='answer-id-851881' id='answer-label-851881' class=' answer'><span>Click on \u201cSave to Action Center\u201d in the dashboard and you will be promptedto give the query a name and description.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213704[]' id='answer-id-851882' class='answer   answerof-213704 ' value='851882'   \/><label for='answer-id-851882' id='answer-label-851882' class=' answer'><span>Click on \u201cSave to Widget Library\u201d in the dashboard and you will be prompted to give the query a name and description.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-213705'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>Phishing belongs which of the following MITRE ATT&amp;CK tactics?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='213705' \/><input type='hidden' id='answerType213705' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213705[]' id='answer-id-851883' class='answer   answerof-213705 ' value='851883'   \/><label for='answer-id-851883' id='answer-label-851883' class=' answer'><span>Initial Access, Persistence<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213705[]' id='answer-id-851884' class='answer   answerof-213705 ' value='851884'   \/><label for='answer-id-851884' id='answer-label-851884' class=' answer'><span>Persistence, Command and Control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213705[]' id='answer-id-851885' class='answer   answerof-213705 ' value='851885'   \/><label for='answer-id-851885' id='answer-label-851885' class=' answer'><span>Reconnaissance, Persistence<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213705[]' id='answer-id-851886' class='answer   answerof-213705 ' value='851886'   \/><label for='answer-id-851886' id='answer-label-851886' class=' answer'><span>Reconnaissance, Initial Access<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-213706'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>When creating a BIOC rule, which XQL query can be used?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='213706' \/><input type='hidden' id='answerType213706' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213706[]' id='answer-id-851887' class='answer   answerof-213706 ' value='851887'   \/><label for='answer-id-851887' id='answer-label-851887' class=' answer'><span>dataset = xdr_data \r\n| filterevent_sub_type = PROCESS_START and \r\naction_process_image_name ~= &quot;.*?.(?:pdf|docx).exe&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213706[]' id='answer-id-851888' class='answer   answerof-213706 ' value='851888'   \/><label for='answer-id-851888' id='answer-label-851888' class=' answer'><span>dataset = xdr_data \r\n| filter event_type = PROCESS and \r\nevent_sub_type = PROCESS_START and \r\naction_process_image_name ~= &quot;.*?.(?:pdf|docx).exe&quot;<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213706[]' id='answer-id-851889' class='answer   answerof-213706 ' value='851889'   \/><label for='answer-id-851889' id='answer-label-851889' class=' answer'><span>dataset = xdr_data \r\n| filter action_process_image_name ~= &quot;.*?.(?:pdf|docx).exe&quot; \r\n| fields action_process_image<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213706[]' id='answer-id-851890' class='answer   answerof-213706 ' value='851890'   \/><label for='answer-id-851890' id='answer-label-851890' class=' answer'><span>dataset = xdr_data \r\n| filter event_behavior = true \r\nevent_sub_type = PROCESS_START and \r\naction_process_image_name ~=&quot;.*?.(?:pdf|docx).exe&quot;<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-213707'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>When creating a scheduled report which is not an option?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='213707' \/><input type='hidden' id='answerType213707' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213707[]' id='answer-id-851891' class='answer   answerof-213707 ' value='851891'   \/><label for='answer-id-851891' id='answer-label-851891' class=' answer'><span>Run weekly on a certain day and time.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213707[]' id='answer-id-851892' class='answer   answerof-213707 ' value='851892'   \/><label for='answer-id-851892' id='answer-label-851892' class=' answer'><span>Run quarterly on a certain day and time.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213707[]' id='answer-id-851893' class='answer   answerof-213707 ' value='851893'   \/><label for='answer-id-851893' id='answer-label-851893' class=' answer'><span>Run monthly on a certain day and time.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213707[]' id='answer-id-851894' class='answer   answerof-213707 ' value='851894'   \/><label for='answer-id-851894' id='answer-label-851894' class=' answer'><span>Run daily at a certain time (selectable hours and minutes).<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-213708'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>When using the \u201cFile Search and Destroy\u201d feature, which of the following search hash type is supported?<\/div><input type='hidden' name='question_id[]' id='qID_19' value='213708' \/><input type='hidden' id='answerType213708' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213708[]' id='answer-id-851895' class='answer   answerof-213708 ' value='851895'   \/><label for='answer-id-851895' id='answer-label-851895' class=' answer'><span>SHA256 hash of the file<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213708[]' id='answer-id-851896' class='answer   answerof-213708 ' value='851896'   \/><label for='answer-id-851896' id='answer-label-851896' class=' answer'><span>AES256 hash of the file<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213708[]' id='answer-id-851897' class='answer   answerof-213708 ' value='851897'   \/><label for='answer-id-851897' id='answer-label-851897' class=' answer'><span>MD5 hash of the file<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213708[]' id='answer-id-851898' class='answer   answerof-213708 ' value='851898'   \/><label for='answer-id-851898' id='answer-label-851898' class=' answer'><span>SHA1 hash of the file<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-213709'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>Which statement best describes how Behavioral Threat Protection (BTP) works?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='213709' \/><input type='hidden' id='answerType213709' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213709[]' id='answer-id-851899' class='answer   answerof-213709 ' value='851899'   \/><label for='answer-id-851899' id='answer-label-851899' class=' answer'><span>BTP injects into known vulnerable processes to detect malicious activity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213709[]' id='answer-id-851900' class='answer   answerof-213709 ' value='851900'   \/><label for='answer-id-851900' id='answer-label-851900' class=' answer'><span>BTP runs on the Cortex XDR and distributes behavioral signatures to all agents.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213709[]' id='answer-id-851901' class='answer   answerof-213709 ' value='851901'   \/><label for='answer-id-851901' id='answer-label-851901' class=' answer'><span>BTP matches EDR data with rules provided by Cortex XD<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-213709[]' id='answer-id-851902' class='answer   answerof-213709 ' value='851902'   \/><label for='answer-id-851902' id='answer-label-851902' class=' answer'><span>BTP uses machine Learning to recognize malicious activity even if it is not known.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-21'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons6162\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"6162\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-05 07:03:35\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1777964615\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"213690:851823,851824,851825,851826 | 213691:851827,851828,851829,851830 | 213692:851831,851832,851833,851834 | 213693:851835,851836,851837,851838 | 213694:851839,851840,851841,851842 | 213695:851843,851844,851845,851846 | 213696:851847,851848,851849,851850 | 213697:851851,851852,851853,851854 | 213698:851855,851856,851857,851858 | 213699:851859,851860,851861,851862 | 213700:851863,851864,851865,851866 | 213701:851867,851868,851869,851870 | 213702:851871,851872,851873,851874 | 213703:851875,851876,851877,851878 | 213704:851879,851880,851881,851882 | 213705:851883,851884,851885,851886 | 213706:851887,851888,851889,851890 | 213707:851891,851892,851893,851894 | 213708:851895,851896,851897,851898 | 213709:851899,851900,851901,851902\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"213690,213691,213692,213693,213694,213695,213696,213697,213698,213699,213700,213701,213702,213703,213704,213705,213706,213707,213708,213709\";\nWatuPROSettings[6162] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 6162;\t    \nWatuPRO.post_id = 37445;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.66916000 1777964615\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(6162);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14010,134],"tags":[14008,14009],"class_list":["post-37445","post","type-post","status-publish","format-standard","hentry","category-palo-alto-certifications-and-accreditations","category-palo-alto-networks","tag-pcdra","tag-pcdra-dumps"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/37445","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=37445"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/37445\/revisions"}],"predecessor-version":[{"id":37447,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/37445\/revisions\/37447"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=37445"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=37445"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=37445"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}