Palo Alto Networks PCDRA Practice Test - Questions Answers, Page 7
List of questions
Related questions
Question 61
What is by far the most common tactic used by ransomware to shut down a victim's operation?
Explanation:
Ransomware is a type of malicious software, or malware, that encrypts certain files or data on the victim's system or network and prevents them from accessing their data until they pay a ransom. This is by far the most common tactic used by ransomware to shut down a victim's operation, as it can cause costly disruptions, data loss, and reputational damage. Ransomware can affect individual users, businesses, and organizations of all kinds. Ransomware can spread through various methods, such as phishing emails, malicious attachments, compromised websites, or network vulnerabilities. Some ransomware variants can also self-propagate and infect other devices or networks. Ransomware authors typically demand payment in cryptocurrency or other untraceable methods, and may threaten to delete or expose the encrypted data if the ransom is not paid within a certain time frame. However, paying the ransom does not guarantee that the files will be decrypted or that the attackers will not target the victim again.Therefore, the best way to protect against ransomware is to prevent infection in the first place, and to have a backup of the data in case of an attack1234
What is Ransomware? | How to Protect Against Ransomware in 2023
Ransomware - Wikipedia
What is ransomware? | Ransomware meaning | Cloudflare
[What Is Ransomware? | Ransomware.org]
[Ransomware --- FBI]
Question 62
Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CKTM techniques.
Explanation:
Cortex XDR Analytics is a feature of Cortex XDR that leverages machine learning and behavioral analytics to detect and alert on malicious activity across the network and endpoint layers. Cortex XDR Analytics can alert when detecting activity matching the following MITRE ATT&CKTM techniques: Exfiltration, Command and Control, Lateral Movement, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, and Collection. However, among the options given in the question, the correct answer is D, Exfiltration, Command and Control, Lateral Movement. These are three of the most critical techniques that indicate an advanced and persistent threat (APT) in the environment. Exfiltration refers to the technique of transferring data or information from the compromised system or network to an external location controlled by the adversary. Command and Control refers to the technique of communicating with the compromised system or network to provide instructions, receive data, or update malware. Lateral Movement refers to the technique of moving from one system or network to another within the same environment, usually to gain access to more resources or data. Cortex XDR Analytics can alert on these techniques by analyzing various data sources, such as network traffic, firewall logs, endpoint events, and threat intelligence, and applying behavioral models, anomaly detection, and correlation rules.Cortex XDR Analytics can also map the alerts to the corresponding MITRE ATT&CKTM techniques and provide additional context and visibility into the attack chain1234
Cortex XDR Analytics
MITRE ATT&CKTM
Cortex XDR Analytics MITRE ATT&CKTM Techniques
Cortex XDR Analytics Alert Categories
Question 63
When selecting multiple Incidents at a time, what options are available from the menu when a user right-clicks the incidents? (Choose two.)
Question 64
A file is identified as malware by the Local Analysis module whereas WildFire verdict is Benign, Assuming WildFire is accurate. Which statement is correct for the incident?
Question 65
What is the outcome of creating and implementing an alert exclusion?
Question 66
Which statement is true for Application Exploits and Kernel Exploits?
Question 67
To create a BIOC rule with XQL query you must at a minimum filter on which field in order for it to be a valid BIOC rule?
Question 68
Which of the following is an example of a successful exploit?
Question 69
Which of the following represents the correct relation of alerts to incidents?
Question 70
Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?
Question