Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 87
A Linux endpoint with a Cortex XDR Pro per Endpoint license and Enhanced Endpoint Data enabled has reported malicious activity, resulting in the creation of a file that you wish to delete. Which action could you take to delete the file?
Answer options
- A. Manually remediate the problem on the endpoint in question.
- B. Open X2go from the Cortex XDR console and delete the file via X2go.
- C. Initiate Remediate Suggestions to automatically delete the file.
- D. Open an NFS connection from the Cortex XDR console and delete the file.
Correct answer: C
Explanation
The correct answer is C: initiating Remediate Suggestions allows automated actions to be taken against detected threats, including file deletion. Option A is incorrect because manual remediation may not be efficient in all situations. Option B is not valid because X2go is not the appropriate method for file deletion in this context. Option D is also incorrect because NFS connections are unrelated to the Cortex XDR console's file-management capabilities.