Free Access PaloAltoNetworks.PCDRA.v2022-07-10.q20 Practice Test (Page 2)

Question 1

When creating a custom XQL query in a dashboard, how would a user save that XQL query to the Widget Library?

A.Click on "Save to Widget Library" in the dashboard and you will be prompted to give the query a name and description.

B.Click the three dots on the widget and then choose "Save" and this will link the query to the Widget Library.

C.This isn't supported, you have to exit the dashboard and go into the Widget Library first to create it.

D.Click on "Save to Action Center" in the dashboard and you will be prompted to give the query a name and description.

Question 2

Phishing belongs which of the following MITRE ATT&CK tactics?

A.Initial Access, Persistence

B.Reconnaissance, Persistence

C.Reconnaissance, Initial Access

D.Persistence, Command and Control

Question 3

A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?

A.Open X2go from the Cortex XDR console and delete the file via X2go.

B.Manually remediate the problem on the endpoint in question.

C.Open an NFS connection from the Cortex XDR console and delete the file.

D.Initiate Remediate Suggestions to automatically delete the file.

Question 4

In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the singer?

A.Add the signer to the allow list in the malware profile.

B.In the Restrictions Profile, add the file name and path to the Executable Files allow list.

C.Add the signer to the allow list under the action center page.

D.Create a new rule exception and use the singer as the characteristic.

Question 5

As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you learn about a massive ongoing supply chain attack. Using Cortex XDR you recognize that your server was compromised by the attack and that Cortex XDR prevented it. What steps can you take to ensure that the same protection is extended to all your servers?

A.Enable DLL Protection on all servers but there might be some false positives.

B.Create IOCs of the malicious files you have found to prevent their execution.

C.Create Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.

D.Enable Behavioral Threat Protection (BTP) with cytool to prevent the attack from spreading.

Latest Upload: 106Oracle.1Z0-1057-23.v2025-09-10.q47; 146Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 148TheSecOpsGroup.CNSP.v2025-09-08.q20; 200CFAInstitute.ESG-Investing.v2025-09-08.q173; 150PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 139Salesforce.Data-Architect.v2025-09-05.q216; 135Adobe.AD0-E605.v2025-09-05.q50; 173Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File