Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 65
To stop a network-based attack, any interference with a portion of the attack pattern is enough to prevent it from succeeding. Which statement is correct regarding the Cortex XDR Analytics module?
Answer options
- A. It interferes with the pattern as soon as it is observed on the endpoint.
- B. It does not interfere with any portion of the pattern on the endpoint.
- C. It does not need to interfere with any portion of the pattern to prevent the attack.
- D. It interferes with the pattern as soon as it is observed by the firewall.
Correct answer: B
Explanation
The correct answer is B because the Cortex XDR Analytics module does not interfere with the attack pattern at the endpoint, meaning it does not actively disrupt the attack. Option A is incorrect as it claims immediate disruption upon observation, which is not true. Option C incorrectly suggests that prevention can occur without any interference, and option D inaccurately states that the firewall observes and interferes with the pattern.