Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks XDR-Analyst Exam - Topic 1 Question 6 Discussion

Actual exam question for Palo Alto Networks's XDR-Analyst exam
Question #: 6
Topic #: 1
[All XDR-Analyst Questions]

Which statement regarding scripts in Cortex XDR is true?

Show Suggested Answer Hide Answer
Suggested Answer: B

The correct answer is B, the level of risk is assigned to the script upon import. When you import a script to the Agent Script Library in Cortex XDR, you need to specify the level of risk associated with the script. The level of risk determines the permissions and restrictions for running the script on endpoints. The levels of risk are:

Low: The script can be run on any endpoint without requiring approval from the Cortex XDR administrator. The script can also be used in remediation suggestions or automation actions.

Medium: The script can be run on any endpoint, but requires approval from the Cortex XDR administrator. The script can also be used in remediation suggestions or automation actions.

High: The script can only be run on isolated endpoints, and requires approval from the Cortex XDR administrator. The script cannot be used in remediation suggestions or automation actions.

The other options are incorrect for the following reasons:

A is incorrect because not any version of Python script can be run in Cortex XDR. The scripts must be written in Python 2.7, and must follow the guidelines and limitations described in the Cortex XDR documentation. For example, the scripts must not exceed 64 KB in size, must not use external libraries or modules, and must not contain malicious or harmful code.

C is incorrect because not any script can be imported to Cortex XDR, including Visual Basic (VB) scripts. The scripts must be written in Python 2.7, and must follow the guidelines and limitations described in the Cortex XDR documentation. VB scripts are not supported by Cortex XDR, and will not run on the endpoints.

D is incorrect because the script is not run on the machine uploading the script to ensure that it is operational. The script is only validated for syntax errors and size limitations when it is imported to the Agent Script Library. The script is not executed or tested on the machine uploading the script, and the script may still fail or cause errors when it is run on the endpoints.


Agent Script Library

Import a Script

Run Scripts on an Endpoint

by Alease at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium XDR-Analyst Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dorothy
3 days ago
D sounds fishy, I didn't think scripts run on the uploader's machine.
upvoted 0 times
...
Launa
9 days ago
C is definitely not right, VB scripts can't be imported.
upvoted 0 times
...
Sabina
14 days ago
I thought any Python script could run, but it seems that's not true.
upvoted 0 times
...
Angelyn
19 days ago
B is correct, risk levels are assigned on import.
upvoted 0 times
...
Sabra
24 days ago
Hmm, I wonder if the script can also do the Macarena. That would be a neat trick!
upvoted 0 times
...
Phung
29 days ago
C) Any script can be imported including Visual Basic (VB) scripts. I'm not sure that's a good idea, but okay.
upvoted 0 times
...
Kenda
2 months ago
A) Any version of Python script can be run. Wow, that's a lot of flexibility!
upvoted 0 times
...
Shanice
2 months ago
D) The script is run on the machine uploading the script to ensure that it is operational. Gotta test it before letting it loose!
upvoted 0 times
...
Stephane
2 months ago
B) The level of risk is assigned to the script upon import. That's the only way to ensure the script is safe to run.
upvoted 0 times
...
Iraida
2 months ago
I remember something about scripts running on the machine that uploads them, but I’m not clear if that’s always the case or just for testing purposes.
upvoted 0 times
...
Mable
2 months ago
I’m pretty certain that Visual Basic scripts can’t be imported, but I might be mixing it up with another platform.
upvoted 0 times
...
Lenny
3 months ago
I feel like we discussed the risk assignment during import, but I can't recall if it was specifically for scripts or something else.
upvoted 0 times
...
Tawna
3 months ago
I think I remember that only certain types of scripts are allowed, but I’m not sure if it includes all versions of Python.
upvoted 0 times
...
Maryanne
3 months ago
Hmm, I'm not 100% sure about this one. I'll need to review the Cortex XDR documentation to make sure I understand the capabilities and limitations around scripts. Better safe than sorry!
upvoted 0 times
...
Cyril
3 months ago
I've worked with Cortex XDR before, so I think I've got a good handle on this. The key is to focus on the specific details in the question - which statement is true?
upvoted 0 times
...
Felix
3 months ago
I'm a bit confused about the script execution process. Does it really run on the machine uploading the script? That seems like it could be a security risk.
upvoted 0 times
...
Merri
3 months ago
Okay, let me see. I know Python scripts are supported, but I'm not sure about other languages. And the risk level - is that assigned automatically or do we have to do that manually?
upvoted 0 times
...
Jesusita
4 months ago
Hmm, this seems like a tricky one. I'll need to think carefully about the capabilities and limitations of scripts in Cortex XDR.
upvoted 0 times
...

Save Cancel