PCDRA Question #37: Real Exam Question with Answer & Explanation

Sign in or unlock PCDRA to reveal the answer and full explanation for question #37. The question stem and answer options stay visible for context.

Submitted by yasin.bd· Apr 18, 2026Investigation and Response

Question

As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to open a malicious Word document. You learn from the WildFire report and AutoFocus that this document is known to have been used in Phishing campaigns since 2018. What steps can you take to ensure that the same document is not opened by other users in your organization protected by the Cortex XDR agent?

Options

AEnable DLL Protection on all endpoints but there might be some false positives.
BCreate Behavioral Threat Protection (BTP) rules to recognize and prevent the activity.
CNo step is required because Cortex shares IOCs with our fellow Cyber Threat Alliance members.
DNo step is required because the malicious document is already stopped.

Unlock PCDRA to see the answer

You've previewed enough free PCDRA questions. Unlock PCDRA for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock PCDRA - $49.99 / 30 days Sign in

Topics

#Behavioral Threat Protection#Prevention Policies#Threat Intelligence#Cortex XDR Prevention

Full PCDRA Practice Browse All PCDRA Questions