ExamGecko

Palo Alto Networks PCDRA Practice Test - Questions Answers, Page 7

Question 61

What is by far the most common tactic used by ransomware to shut down a victim's operation?

A. preventing the victim from being able to access APIs to cripple infrastructure
B. denying traffic out of the victim's network until payment is received
C. restricting access to administrative accounts to the victim
D. encrypting certain files to prevent access by the victim
Suggested answer: D

Explanation:

Ransomware is a type of malicious software, or malware, that encrypts certain files or data on the victim's system or network and prevents the victim from accessing that data until a ransom is paid. This is by far the most common tactic used by ransomware to shut down a victim's operation, as it can cause costly disruptions, data loss, and reputational damage. Ransomware can affect individual users, businesses, and organizations of all kinds. Ransomware can spread through various methods, such as phishing emails, malicious attachments, compromised websites, or network vulnerabilities. Some ransomware variants can also self-propagate and infect other devices or networks. Ransomware authors typically demand payment in cryptocurrency or other untraceable methods, and may threaten to delete or expose the encrypted data if the ransom is not paid within a certain time frame. However, paying the ransom does not guarantee that the files will be decrypted or that the attackers will not target the victim again. Therefore, the best way to protect against ransomware is to prevent infection in the first place, and to have a backup of the data in case of an attack [1][2][3][4].

1. What is Ransomware? | How to Protect Against Ransomware in 2023
2. Ransomware - Wikipedia
3. What is ransomware? | Ransomware meaning | Cloudflare
4. What Is Ransomware? | Ransomware.org
5. Ransomware --- FBI

asked 23/09/2024 by josh hill

Question 62

Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CK™ techniques.

A. Exfiltration, Command and Control, Collection
B. Exfiltration, Command and Control, Privilege Escalation
C. Exfiltration, Command and Control, Impact
D. Exfiltration, Command and Control, Lateral Movement
Suggested answer: D

Explanation:

Cortex XDR Analytics is a feature of Cortex XDR that leverages machine learning and behavioral analytics to detect and alert on malicious activity across the network and endpoint layers. Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CK™ techniques: Exfiltration, Command and Control, Lateral Movement, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, and Collection. However, among the options given in the question, the correct answer is D, Exfiltration, Command and Control, Lateral Movement. These are three of the most critical techniques that indicate an advanced persistent threat (APT) in the environment. Exfiltration refers to the technique of transferring data or information from the compromised system or network to an external location controlled by the adversary. Command and Control refers to the technique of communicating with the compromised system or network to provide instructions, receive data, or update malware. Lateral Movement refers to the technique of moving from one system or network to another within the same environment, usually to gain access to more resources or data. Cortex XDR Analytics can alert on these techniques by analyzing various data sources, such as network traffic, firewall logs, endpoint events, and threat intelligence, and applying behavioral models, anomaly detection, and correlation rules. Cortex XDR Analytics can also map the alerts to the corresponding MITRE ATT&CK™ techniques and provide additional context and visibility into the attack chain [1][2][3][4].

1. Cortex XDR Analytics
2. MITRE ATT&CK™
3. Cortex XDR Analytics MITRE ATT&CK™ Techniques
4. Cortex XDR Analytics Alert Categories

asked 23/09/2024 by Jailson Batista

Question 63

When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)

Question 64

A file is identified as malware by the Local Analysis module, whereas the WildFire verdict is Benign. Assuming WildFire is accurate, which statement is correct for the incident?

Question 65

What is the outcome of creating and implementing an alert exclusion?

Question 66

Which statement is true for Application Exploits and Kernel Exploits?

Question 67

To create a BIOC rule with an XQL query, you must at a minimum filter on which field for it to be a valid BIOC rule?

Question 68

Which of the following is an example of a successful exploit?

Question 69

Which of the following represents the correct relation of alerts to incidents?

Question 70

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?

Total 91 questions