Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 19
What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.)
Answer options
- A. Automatically close the connections involved in malicious traffic.
- B. Automatically kill the processes involved in malicious activity.
- C. Automatically terminate the threads involved in malicious activity.
- D. Automatically block the IP addresses involved in malicious traffic.
Correct answer: A, D
Explanation
The correct answers are A and D because “Respond to Malicious Causality Chains” is designed to handle network threats by closing connections and blocking IP addresses to prevent further malicious activity. Options B and C are incorrect because they focus on process and thread management, which are not the primary functions of this specific feature.