PCDRA 無料問題集「Palo Alto Networks Certified Detection and Remediation Analyst」

（A）Automatically block the IP addresses involved in malicious traffic.

（B）Automatically terminate the threads involved in malicious activity.

（C）Automatically kill the processes involved in malicious activity.

（D）Automatically close the connections involved in malicious traffic.

（A）Only alerts with the same host are grouped together into one Incident in a given time frame.

（B）Every alert creates a new Incident.

（C）Alerts with same causality chains that occur within a given time frame are grouped together into an Incident.

（D）Alerts that occur within athree-hourtime frame are grouped together into one Incident.

（A）Kernel exploits are easier to prevent then application exploits.

（B）The ultimate goal of any exploit is to reach the application.

（C）Application exploits leverage kernel vulnerability.

（D）The ultimate goal of any exploit is to reach the kernel.

（A）WildFire accepts and analyses a sample to provide a verdict.

（B）WildFire is the engine that runs on the local agent and determines whether behavioural threats are occurring on the endpoint.

（C）WildFire runs in the cloud and analyses alert data from the XDR agent to check for behavioural threats.

（D）WildFire runs entirely on the agent to quickly analyse samples and provide a verdict.

（A）Causality Analysis Engine

（B）Causality Chain Engine

（C）Sensor Engine

（D）Log Stitching Engine

（A）Host Inventory Data Collection is enabled.

（B）133 agents have full disk encryption.

（C）3,297 total incidents have been detected.

（D）Forensic inventory data collection is enabled.

（A）It is false positive.

（B）It is true positive.

（C）It is true negative.

（D）It is a false negative.

（A）Source IP Address

（B）Destination IP Address

（C）Source port

（D）Destination IPAddress: Destination

（A）Manually star an alert.

（B）Manually star an Incident.

（C）Create an alert-starring configuration.

（D）Create an Incident-starring configuration.