ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCDRA
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?
When is the wss (WebSocket Secure) protocol used?
You can star security events in which two ways? (Choose two.)
Why would one threaten to encrypt a hypervisor or, potentially, a multiple number of virtual machines running on a server?
What is the maximum number of agents one Broker VM local agent applet can support?
Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?
What is the Wildfire analysis file size limit for Windows PE files?
How can you pivot within a row to Causality view and Timeline views for further investigate?
In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the singer?
When reaching out to TAC for additional technical support related to a Security Event; what are two critical pieces of information you need to collect from the Agent? (Choose Two)

Question 10 - PCDRA discussion

Report
Export

Which of the following paths will successfully activate Remediation Suggestions?

A.
Incident View > Actions > Remediation Suggestions
Answers
A.
Incident View > Actions > Remediation Suggestions
B.
Causality View > Actions > Remediation Suggestions
Answers
B.
Causality View > Actions > Remediation Suggestions
C.
Alerts Table > Right-click on a process node > Remediation Suggestions
Answers
C.
Alerts Table > Right-click on a process node > Remediation Suggestions
D.
Alerts Table > Right-click on an alert > Remediation Suggestions
Answers
D.
Alerts Table > Right-click on an alert > Remediation Suggestions
Suggested answer: B

Explanation:

Remediation Suggestions is a feature of Cortex XDR that provides you with recommended actions to remediate the root cause and impact of an incident. Remediation Suggestions are based on the analysis of the causality chain, the behavior of the malicious files or processes, and the best practices for incident response. Remediation Suggestions can help you to quickly and effectively contain and resolve an incident, as well as prevent future recurrence.

To activate Remediation Suggestions, you need to follow these steps:

In the Cortex XDR management console, go toIncidentsand select an incident that you want to remediate.

ClickCausality Viewto see the graphical representation of the causality chain of the incident.

ClickActionsand selectRemediation Suggestions. This will open a new window that shows the suggested actions for each node in the causality chain.

Review the suggested actions and select the ones that you want to apply. You can also edit or delete the suggested actions, or add your own custom actions.

ClickApplyto execute the selected actions on the affected endpoints. You can also schedule the actions to run at a later time or date.

Remediate Changes from Malicious Activity: This document explains how to use Remediation Suggestions to remediate the root cause and impact of an incident.

Causality View: This document describes how to use Causality View to investigate the causality chain of an incident.

Show Answer
asked 23/09/2024
Johannes Bickel
55 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms