A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?
A. Manually remediate the problem on the endpoint in question.
B. Open X2go from the Cortex XDR console and delete the file via X2go.
C. Initiate Remediate Suggestions to automatically delete the file.
D. Open an NFS connection from the Cortex XDR console and delete the file.
Only in Windows, not Linux.
To initiate remediation suggestions, you must meet the following requirements:
Cortex XDR Pro per Endpoint license
An App Administrator, Privileged Responder, or Privileged Security Admin role permissions which include the remediation permissions
EDR data collection enabled
Agent version 7.2 and above on Windows endpoints
Remediation Suggestions is available only for Windows, so answer C is incorrect.
B and D are also incorrect; there is no X2go or NFS. Instead, there is "Live Terminal".
Yes, Remediation Suggestions lets you delete the file; the keyword in C, "automatically", is problematic for me. It is the best choice out of these, though.
I think the answer is C. See this overview from Palo Alto: https://youtu.be/HBzxmSjHYt4?si=JqjrLZkLTXBeqXpp&t=452. Here he talks about deleting a file through the Remediation Suggestions.
upvoted 3 times
erikzurc, 9 months ago
Aelhouaoui, 9 months, 3 weeks ago
BS166, 1 year ago
Chiquitabandita, 1 year, 1 month ago
Blahziblah, 1 year, 5 months ago