Free PCDRA Exam Braindumps


  • Exam Code: PCDRA
    Exam Title: Palo Alto Networks Certified Detection and Remediation Analyst
  • Exam Provider: Palo Alto Networks
  • Exam Questions: 91
  • Updated On: 17-Feb-2024

PCDRA
FREE EXAM DUMPS QUESTIONS & ANSWERS

Palo Alto Networks
PCDRA
Palo Alto Networks Certified Detection and Remediation Analyst

Total Questions: 59

View PCDRA actual exam questions, answers and explanations for free.

Go To PCDRA Questions



Post your Comments and Discuss Palo Alto Networks PCDRA exam with other Community members:

cert 9/24/2023 4:53:00 PM
admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s
Anonymous
upvote

cert 9/24/2023 4:53:46 PM
admin guide (Windows) Respond to Malicious Causality Chains. When the Cortex XDR agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the IP address to close all existing communication and block new connections from this IP address to the endpoint. When Cortex XDRblocks an IP address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. You can view the list of all blocked IP addresses per endpoint from the Action Center, as well as unblock them to re-enable communication as appropriate. This module is supported with Cortex XDR agent 7.3.0 and later. Select the Action Mode to take when the Cortex XDR agent detects remote malicious causality chains: Enabled (default)—Terminate connection and block IP address of the remote connection. Disabled—Do not block remote IP addresses. To allow specific and known s
Anonymous
upvote