Free Preparation Discussions
MENU
Palo Alto Networks Exam PCDRA Topic 7 Question 57 Discussion
Topic #: 7
Under which conditions is Local Analysis evoked to evaluate a file before the file is allowed to run?
Local Analysis is a feature of Cortex XDR that allows the agent to evaluate files locally on the endpoint, without sending them to WildFire for analysis. Local Analysis is evoked when the following conditions are met:
The endpoint isdisconnectedfrom the internet or the Cortex XDR management console, and therefore cannot communicate with WildFire.
The verdict from WildFire is of a typeunknown, meaning that WildFire has not yet analyzed the file or has not reached a conclusive verdict.
Local Analysis uses machine learning models to assess the behavior and characteristics of the file and assign it a verdict of either benign, malware, or grayware. If the verdict is malware or grayware, the agent will block the file from running and report it to the Cortex XDR management console. If the verdict is benign, the agent will allow the file to run and report it to the Cortex XDR management console.Reference:
Local Analysis
WildFire File Verdicts
Mira
1 months agoCorazon
9 days agoDallas
10 days agoMicah
21 days agoMelda
24 days agoStefan
2 months agoTina
5 days agoSkye
7 days agoJerilyn
25 days agoAllene
1 months agoEladia
1 months agoLouvenia
1 months agoLayla
2 months agoDanica
2 months agoShawnda
1 months agoShawna
1 months agoShayne
2 months agoFrederica
2 months ago