New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks XDR-Analyst Exam - Topic 1 Question 6 Discussion

Actual exam question for Palo Alto Networks's XDR-Analyst exam
Question #: 6
Topic #: 1
[All XDR-Analyst Questions]

Which statement regarding scripts in Cortex XDR is true?

Show Suggested Answer Hide Answer
Suggested Answer: B

The correct answer is B, the level of risk is assigned to the script upon import. When you import a script to the Agent Script Library in Cortex XDR, you need to specify the level of risk associated with the script. The level of risk determines the permissions and restrictions for running the script on endpoints. The levels of risk are:

Low: The script can be run on any endpoint without requiring approval from the Cortex XDR administrator. The script can also be used in remediation suggestions or automation actions.

Medium: The script can be run on any endpoint, but requires approval from the Cortex XDR administrator. The script can also be used in remediation suggestions or automation actions.

High: The script can only be run on isolated endpoints, and requires approval from the Cortex XDR administrator. The script cannot be used in remediation suggestions or automation actions.

The other options are incorrect for the following reasons:

A is incorrect because not any version of Python script can be run in Cortex XDR. The scripts must be written in Python 2.7, and must follow the guidelines and limitations described in the Cortex XDR documentation. For example, the scripts must not exceed 64 KB in size, must not use external libraries or modules, and must not contain malicious or harmful code.

C is incorrect because not any script can be imported to Cortex XDR, including Visual Basic (VB) scripts. The scripts must be written in Python 2.7, and must follow the guidelines and limitations described in the Cortex XDR documentation. VB scripts are not supported by Cortex XDR, and will not run on the endpoints.

D is incorrect because the script is not run on the machine uploading the script to ensure that it is operational. The script is only validated for syntax errors and size limitations when it is imported to the Agent Script Library. The script is not executed or tested on the machine uploading the script, and the script may still fail or cause errors when it is run on the endpoints.


Agent Script Library

Import a Script

Run Scripts on an Endpoint

by Alease at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium XDR-Analyst Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kenda
4 days ago
A) Any version of Python script can be run. Wow, that's a lot of flexibility!
upvoted 0 times
...
Shanice
9 days ago
D) The script is run on the machine uploading the script to ensure that it is operational. Gotta test it before letting it loose!
upvoted 0 times
...
Stephane
14 days ago
B) The level of risk is assigned to the script upon import. That's the only way to ensure the script is safe to run.
upvoted 0 times
...
Iraida
19 days ago
I remember something about scripts running on the machine that uploads them, but I’m not clear if that’s always the case or just for testing purposes.
upvoted 0 times
...
Mable
24 days ago
I’m pretty certain that Visual Basic scripts can’t be imported, but I might be mixing it up with another platform.
upvoted 0 times
...
Lenny
29 days ago
I feel like we discussed the risk assignment during import, but I can't recall if it was specifically for scripts or something else.
upvoted 0 times
...
Tawna
1 month ago
I think I remember that only certain types of scripts are allowed, but I’m not sure if it includes all versions of Python.
upvoted 0 times
...
Maryanne
1 month ago
Hmm, I'm not 100% sure about this one. I'll need to review the Cortex XDR documentation to make sure I understand the capabilities and limitations around scripts. Better safe than sorry!
upvoted 0 times
...
Cyril
1 month ago
I've worked with Cortex XDR before, so I think I've got a good handle on this. The key is to focus on the specific details in the question - which statement is true?
upvoted 0 times
...
Felix
2 months ago
I'm a bit confused about the script execution process. Does it really run on the machine uploading the script? That seems like it could be a security risk.
upvoted 0 times
...
Merri
2 months ago
Okay, let me see. I know Python scripts are supported, but I'm not sure about other languages. And the risk level - is that assigned automatically or do we have to do that manually?
upvoted 0 times
...
Jesusita
2 months ago
Hmm, this seems like a tricky one. I'll need to think carefully about the capabilities and limitations of scripts in Cortex XDR.
upvoted 0 times
...

Save Cancel