Palo Alto Networks Exam PCDRA Topic 6 Question 17 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks Certified Detection and Remediation Analyst exam

Question #: 17
Topic #: 6

[All Palo Alto Networks Certified Detection and Remediation Analyst Questions]

As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?

ACreate Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.

BEnable DLL Protection on all servers but there might be some false positives.

CCreate IOCs of the malicious files you have found to prevent their execution.

DEnable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.

Show Suggested Answer

Suggested Answer: A

by Dorthy at May 09, 2022, 07:43 PM

Limited Time Offer

25%

Off

Get Premium PCDRA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!