Palo Alto Networks Exam PCDRA Topic 1 Question 67 Discussion

Actual exam question for Palo Alto Networks's PCDRA exam

Question #: 67
Topic #: 1

Which function describes the removal of a specific file from its location on a local or removable drive to a protected folder to prevent the file from being executed?

ASearch & destroy

BIsolation

CQuarantine

DFlag for removal

Show Suggested Answer

Suggested Answer: C

The function that describes the removal of a specific file from its location on a local or removable drive to a protected folder to prevent the file from being executed isquarantine. Quarantine is a feature of Cortex XDR that allows you to isolate malicious or suspicious files from the endpoint and prevent them from running or spreading. You can quarantine files manually from the Cortex XDR console, or automatically based on the malware analysis profile or the remediation suggestions. When you quarantine a file, the Cortex XDR agent encrypts the file and moves it to a hidden folder under the agent installation directory. The file is also renamed with a random string and a .quarantine extension. You can view, restore, or delete the quarantined files from the Cortex XDR console.Reference:

Quarantine Files

Manage Quarantined Files

by Johnna at Sep 15, 2024, 04:09 PM

Limited Time Offer

25%

Off

Get Premium PCDRA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Timmy

2 months ago

C) Quarantine is the way to go. Gotta keep those files in line, you know? Though I do wonder if 'flag for removal' would work in a pinch. Eh, better safe than sorry.

upvoted 0 times

...

Peggie

2 months ago

I'm going with C) Quarantine. Sounds like the best way to keep that file in check and out of trouble. Plus, it's fun to say 'quarantine' - it's like a secret agent operation!

upvoted 0 times