PCDRA Exam Questions
104 real PCDRA exam questions with expert-verified answers and explanations. Page 2 of 3.
- Question #52 (Investigation and Response): Which search method is supported by File Search and Destroy?
  Tags: Cortex XDR Capabilities, Response Actions, File Search and Destroy, Incident Response
- Question #53 (Investigation and Response): Which of the following Live Terminal options are available for Android systems?
  Tags: Live Terminal, Android Support, Endpoint Management, Cortex XDR Features
- Question #54 (Investigation and Response): What contains a logical schema in an XQL query?
  Tags: XQL, Cortex XDR Datasets, Schema, Query Language Basics
- Question #55 (Cortex XDR Architecture and Agent Deployment): Which minimum Cortex XDR agent version is required for a Kubernetes cluster?
  Tags: Cortex XDR agent, Kubernetes, version requirements
- Question #56 (Cortex XDR Architecture and Agent Deployment): In the Cortex XDR console, from which two pages are you able to manually perform the agent upgrade action? (Choose two.)
  Tags: Cortex XDR Console, Agent Management, Agent Upgrade, Endpoint Administration
- Question #57 (Investigation and Response): Which version of Python is used in Live Terminal?
  Tags: Python, Live Terminal, Cortex XDR Agent, Scripting
- Question #58 (Cortex XDR Architecture and Agent Deployment): Under which conditions is Local Analysis invoked to evaluate a file before the file is allowed to run?
  Tags: Cortex XDR prevention, Local Analysis, WildFire integration, File analysis
- Question #59 (Investigation and Response): What is the difference between presets and datasets in XQL?
  Tags: XQL, Datasets, Presets, Data Sources
- Question #60 (Investigation and Response): Cortex XDR is deployed in the enterprise and you notice a Cobalt Strike attack via an ongoing supply chain compromise was prevented on 1 server. What steps can you take to ensure t...
  Tags: IOCs, Threat Prevention, Cortex XDR Response, Cobalt Strike
- Question #61 (Investigation and Response): Why would one threaten to encrypt a hypervisor or, potentially, multiple virtual machines running on a server?
  Tags: Ransomware, Cyber extortion, Virtualization security, Threat motivation
- Question #62 (Investigation and Response): What types of actions can you execute in a Live Terminal session?
  Tags: Live Terminal, Endpoint Investigation, Remote Remediation, Cortex XDR Capabilities
- Question #63 (Investigation and Response): How can you pivot within a row to the Causality view and Timeline views for further investigation?
  Tags: Cortex XDR Navigation, Causality View, Timeline View, Incident Investigation
- Question #64 (Investigation and Response): What motivation do ransomware attackers have for returning access to systems once their victims have paid?
  Tags: Ransomware, Attacker motivation, Cybercrime economics, Reputation
- Question #65 (Detection and Alert Management): What is the WildFire analysis file size limit for Windows PE files?
  Tags: WildFire, File size limit, PE file analysis, Malware detection
- Question #66 (Cortex XDR Architecture and Agent Deployment): Which Exploit Prevention Module (EPM) provides better entropy for randomization of memory locations?
  Tags: Exploit Prevention, ASLR, Memory Randomization, Cortex XDR
- Question #67 (Cortex XDR Architecture and Agent Deployment): To stop a network-based attack, any interference with a portion of the attack pattern is enough to prevent it from succeeding. Which statement is correct regarding the Cortex XDR A...
  Tags: Cortex XDR Analytics, Endpoint Prevention, Attack Patterns
- Question #68 (Detection and Alert Management): The Cortex XDR console has triggered an incident, blocking a vitally important piece of software in your organization that is known to be benign. Which of the following options wou...
  Tags: False Positives, Global Exceptions, Policy Management, Prevention Tuning
- Question #69 (Detection and Alert Management): What kind of malware uses encryption, data theft, denial of service, and possibly harassment to take advantage of a victim?
  Tags: Malware types, Ransomware characteristics, Cyber threats, Data encryption
- Question #70 (Investigation and Response): As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to open a malicious Word document. You learn from the WildFire report...
  Tags: Malware Prevention, Content Updates, Cortex XDR Agent Actions, Threat Intelligence Application
- Question #71 (Cortex XDR Architecture and Agent Deployment): Can you disable the ability to use the Live Terminal feature in Cortex XDR?
  Tags: Live Terminal, Agent Configuration, Feature Management, Deployment Options
- Question #72 (Investigation and Response): Which module provides the best visibility to view vulnerabilities?
  Tags: Cortex XDR modules, Host Insights, Vulnerability visibility, Endpoint security posture
- Question #73 (Cortex XDR Architecture and Agent Deployment): If you have an isolated network that is prevented from connecting to the Cortex Data Lake, which type of Broker VM setup can you use to facilitate the communication?
  Tags: Broker VM, Cortex Data Lake connectivity, Network isolation, Agent communication proxy
- Question #75 (Investigation and Response): Which built-in dashboard would be the best option for an executive, if they were looking for the Mean Time to Resolution (MTTR) metric?
  Tags: Built-in Dashboards, MTTR, Incident Management Metrics, Executive Reporting
- Question #76 (Detection and Alert Management): Which statement best describes how Behavioral Threat Protection (BTP) works?
  Tags: Behavioral Threat Protection, Cortex XDR Detection, EDR Data Analysis, Detection Rules
- Question #77 (Investigation and Response): The Action Center can be found on which tab?
  Tags: Cortex XDR UI, Action Center, Response Actions, Incident Response
- Question #78 (Threat Hunting): How does an attacker prefer to carry out supply-chain attacks?
  Tags: Supply-chain attacks, Attack vectors, Software development security, Threat actor tactics
- Question #79 (Cortex XDR Architecture and Agent Deployment): What does the term "TCP/IP" stand for?
  Tags: TCP/IP, Networking, Protocols, Fundamentals
- Question #80 (Investigation and Response): Which of the following is a summary of the remediation suggestions to apply to the file or registry?
  Tags: Remediation, Incident Response, Cortex XDR Console, Security Operations
- Question #81 (Detection and Alert Management): Which of the following engines in Cortex XDR determines the most relevant artifacts in each alert and aggregates all alerts related to an event into an incident?
  Tags: Cortex XDR engines, Causality Analysis, Alert aggregation, Incident creation
- Question #82 (Detection and Alert Management): Which type of BIOC rule is currently available in Cortex XDR?
  Tags: BIOC rules, Cortex XDR, Detection capabilities
- Question #83 (Cortex XDR Architecture and Agent Deployment): In Windows and macOS you need to prevent the Cortex XDR Agent from blocking execution of a file based on the digital signer. What is one way to add an exception for the signer?
  Tags: Agent Configuration, Exclusions, Digital Signers, Malware Profiles
- Question #84 (Detection and Alert Management): As a Malware Analyst working with Cortex XDR you notice an alert suggesting that there was a prevented attempt to download Cobalt Strike on one of your servers. Days later, you lea...
  Tags: Behavioral Threat Protection (BTP), Malware Prevention, Endpoint Security, Policy Configuration
- Question #85 (Cortex XDR Architecture and Agent Deployment): Which statement is true based on the following Agent Auto Upgrade widget?
  Tags: Agent Auto Upgrade, Cortex XDR Agent, Endpoint Management, Configuration Status
- Question #86 (Threat Hunting): What is the purpose of targeting software vendors in a supply-chain attack?
  Tags: Supply Chain Attack, Threat Actor Motivations, Credential Theft, Cyberattack Objectives
- Question #87 (Investigation and Response): The Response action breakdown widget belongs to which of the following widget categories?
  Tags: Cortex XDR Widgets, Dashboard Categories, Investigation Widgets, Response Action Tracking
- Question #88 (Investigation and Response): You notice that a hardware device is damaged and important data files have been completely erased from the system. What kind of threat appears to be present here?
  Tags: Threat types, Availability attacks, CIA triad, Incident classification
- Question #89 (Cortex XDR Architecture and Agent Deployment): What is the expiration limit set by Cortex XDR by default for agent upgrade and agent uninstall?
  Tags: Cortex XDR Agent, Agent Management, Default Settings
- Question #90 (Investigation and Response): A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to...
  Tags: Endpoint Remediation, File Deletion, Cortex XDR Response Actions, Automated Remediation
- Question #91 (Cortex XDR Architecture and Agent Deployment): Which of the following best defines the Windows Registry as used by the Cortex XDR agent?
  Tags: Windows Registry, Cortex XDR Agent, Operating System Fundamentals
- Question #92 (Detection and Alert Management): Which statement best describes how Behavioral Threat Protection (BTP) works?
  Tags: Behavioral Threat Protection (BTP), Machine Learning, Threat Detection, Cortex XDR Features
- Question #93 (Investigation and Response): Which of the following paths will successfully activate Remediation Suggestions?
  Tags: Cortex XDR UI, Remediation Suggestions, Causality View, Incident Investigation
- Question #94 (Reporting and Tuning): In the Cortex XDR management console, scheduled reports can be forwarded to which of the following applications/services?
  Tags: Scheduled Reports, Report Forwarding, Cortex XDR Integrations
- Question #95 (Detection and Alert Management): Which type of IOC can you define in Cortex XDR?
  Tags: IOCs, Cortex XDR, Detection, Security Policy
- Question #96 (Cortex XDR Architecture and Agent Deployment): How much RAM is required for Cortex XDR agent 7.2 on Windows?
  Tags: Cortex XDR agent requirements, System specifications, RAM, Windows agent
- Question #97 (Cortex XDR Architecture and Agent Deployment): The analytics engine creates and maintains a very large number of profile types, but they can all be categorized into how many categories in general?
  Tags: Analytics Engine, Profile Types, Data Categorization, Cortex XDR Architecture
- Question #98 (Reporting and Tuning): Cortex XDR automatically disables BIOC rules that reach how many hits over what period of time?
  Tags: BIOC rules, Cortex XDR tuning, Alert management, Rule management
- Question #99 (Detection and Alert Management): What kind of threat typically encrypts user files?
  Tags: Ransomware, Threat types, Malware, File encryption
- Question #100 (Investigation and Response): When using the "File Search and Destroy" feature, which of the following search hash types is supported?
  Tags: Cortex XDR features, File Search and Destroy, Hashing algorithms, Response actions
- Question #101 (Cortex XDR Architecture and Agent Deployment): If you have an isolated network that is prevented from connecting to the Cortex Data Lake, which type of Broker VM setup can you use to facilitate the communication?
  Tags: Broker VM, Content Caching, Isolated Networks, Agent Updates
- Question #102 (Investigation and Response): What is by far the most common tactic used by ransomware to shut down a victim's operation?
  Tags: Ransomware, Malware tactics, Cyber attacks, File encryption