Home

Home / Palo Alto Networks / PCDRA

Question list

List of questions

Question 1

(0)

When investigating security events, which feature in Cortex XDR is useful for reverting the changes on the endpoint?

Question 2

(0)

What is the purpose of the Cortex Data Lake?

Question 3

(0)

When creating a scheduled report which is not an option?

Question 4

(0)

Which statement regarding scripts in Cortex XDR is true?

Question 5

(0)

What is the function of WildFire for Cortex XDR?

Question 6

(0)

Which profiles can the user use to configure malware protection in the Cortex XDR console?

Question 7

(0)

Which module provides the best visibility to view vulnerabilities?

Question 8

(0)

Which of the following is NOT a precanned script provided by Palo Alto Networks?

Question 9

(0)

The Cortex XDR console has triggered an incident, blocking a vitally important piece of software in your organization that is known to be benign. Which of the following options would prevent Cortex

Question 10

(0)

Which of the following paths will successfully activate Remediation Suggestions?

Open VPLUS File

Convert VPLUS to PDF

Related questions

Which of the following protection modules is checked first in the Cortex XDR Windows agent malware protection flow?

When is the wss (WebSocket Secure) protocol used?

When reaching out to TAC for additional technical support related to a Security Event; what are two critical pieces of information you need to collect from the Agent? (Choose Two)

You can star security events in which two ways? (Choose two.)

Why would one threaten to encrypt a hypervisor or, potentially, a multiple number of virtual machines running on a server?

What is the maximum number of agents one Broker VM local agent applet can support?

Where would you go to add an exception to exclude a specific file hash from examination by the Malware profile for a Windows endpoint?

What is the Wildfire analysis file size limit for Windows PE files?

In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the singer?

What does the following output tell us?

Question 11 - PCDRA discussion

Report

What is an example of an attack vector for ransomware?

A.

Performing DNS queries for suspicious domains

B.

Performing SSL Decryption on an endpoint

C.

Phishing emails containing malicious attachments

D.

A URL filtering feature enabled on a firewall

Suggested answer: C

Explanation:

An example of an attack vector for ransomware is phishing emails containing malicious attachments. Phishing is a technique that involves sending fraudulent emails that appear to come from a legitimate source, such as a bank, a company, or a government agency. The emails typically contain a malicious attachment, such as a PDF document, a ZIP archive, or a Microsoft Office document, that contains ransomware or a ransomware downloader. When the recipient opens or downloads the attachment, the ransomware is executed and encrypts the files or data on the victim's system. The attacker then demands a ransom for the decryption key, usually in cryptocurrency.

Phishing emails are one of the most common and effective ways of delivering ransomware, as they can bypass security measures such as firewalls, antivirus software, or URL filtering. Phishing emails can also exploit the human factor, as they can trick the recipient into opening the attachment by using social engineering techniques, such as impersonating a trusted sender, creating a sense of urgency, or appealing to curiosity or greed. Phishing emails can also target specific individuals or organizations, such as executives, employees, or customers, in a technique called spear phishing, which increases the chances of success.

According to various sources, phishing emails are the main vector of ransomware attacks, accounting for more than 90% of all ransomware infections12.Some of the most notorious ransomware campaigns, such as CryptoLocker, Locky, and WannaCry, have used phishing emails as their primary delivery method3. Therefore, it is essential to educate users on how to recognize and avoid phishing emails, as well as to implement security solutions that can detect and block malicious attachments.Reference:

Top 7 Ransomware Attack Vectors & How to Avoid Becoming a Victim - Bitsight

What Is the Main Vector of Ransomware Attacks? A Definitive Guide

CryptoLocker Ransomware Information Guide and FAQ

[Locky Ransomware Information, Help Guide, and FAQ]

[WannaCry ransomware attack]

Show Answer

asked 23/09/2024

franck ferreira

27 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first