Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks Exam PCDRA Topic 1 Question 67 Discussion

Actual exam question for Palo Alto Networks's PCDRA exam
Question #: 67
Topic #: 1
[All PCDRA Questions]

Which function describes the removal of a specific file from its location on a local or removable drive to a protected folder to prevent the file from being executed?

Show Suggested Answer Hide Answer
Suggested Answer: C

The function that describes the removal of a specific file from its location on a local or removable drive to a protected folder to prevent the file from being executed isquarantine. Quarantine is a feature of Cortex XDR that allows you to isolate malicious or suspicious files from the endpoint and prevent them from running or spreading. You can quarantine files manually from the Cortex XDR console, or automatically based on the malware analysis profile or the remediation suggestions. When you quarantine a file, the Cortex XDR agent encrypts the file and moves it to a hidden folder under the agent installation directory. The file is also renamed with a random string and a .quarantine extension. You can view, restore, or delete the quarantined files from the Cortex XDR console.Reference:

Quarantine Files

Manage Quarantined Files


Contribute your Thoughts:

Timmy
2 months ago
C) Quarantine is the way to go. Gotta keep those files in line, you know? Though I do wonder if 'flag for removal' would work in a pinch. Eh, better safe than sorry.
upvoted 0 times
...
Peggie
2 months ago
I'm going with C) Quarantine. Sounds like the best way to keep that file in check and out of trouble. Plus, it's fun to say 'quarantine' - it's like a secret agent operation!
upvoted 0 times
Christa
12 days ago
Quarantine sounds like the safest choice for that file.
upvoted 0 times
...
Pok
14 days ago
Quarantine it is, let's keep that file under surveillance.
upvoted 0 times
...
Leonida
1 months ago
I think Quarantine is the best option to prevent any harm from that file.
upvoted 0 times
...
Genevive
1 months ago
I agree, Quarantine does sound like a secret agent operation.
upvoted 0 times
...
...
Carissa
2 months ago
Quarantine is definitely the way to go. You don't want that pesky file roaming around, causing mischief. C is the clear choice here.
upvoted 0 times
Coral
22 days ago
Definitely don't want that file running amok, quarantine is the way to go.
upvoted 0 times
...
Benedict
24 days ago
Quarantine is like putting the file in timeout, it can't do any harm there.
upvoted 0 times
...
Coral
1 months ago
I agree, quarantine is the best option to keep that file in check.
upvoted 0 times
...
...
Pansy
2 months ago
I'm not sure, but I think it could also be B) Isolation to keep the file separate from the rest of the system.
upvoted 0 times
...
Earleen
2 months ago
Hmm, I'm not sure. B) Isolation doesn't seem to fit, and D) Flag for removal is too vague. I'd go with C) Quarantine.
upvoted 0 times
Jeannetta
2 months ago
Quarantine it is then, let's go with C).
upvoted 0 times
...
Cherry
2 months ago
I think C) Quarantine is the best option.
upvoted 0 times
...
Gerry
2 months ago
I agree, Quarantine makes the most sense in this situation.
upvoted 0 times
...
...
Kenny
3 months ago
I agree with Lashawn, Quarantine makes sense to prevent the file from being executed.
upvoted 0 times
...
Herschel
3 months ago
C) Quarantine sounds like the right answer. It's the only option that mentions moving a file to a protected folder to prevent execution.
upvoted 0 times
Juan
1 months ago
C) Quarantine sounds like the right answer. It's the only option that mentions moving a file to a protected folder to prevent execution.
upvoted 0 times
...
Claudia
2 months ago
D) Flag for removal
upvoted 0 times
...
Theresia
2 months ago
C) Quarantine
upvoted 0 times
...
Fidelia
2 months ago
B) Isolation
upvoted 0 times
...
Joseph
2 months ago
A) Search & destroy
upvoted 0 times
...
...
Lashawn
3 months ago
I think the answer is C) Quarantine.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77