










































































Typology: Exams
Which type of cyberattack sends extremely high volumes of network traffic such as packets, data, or transactions that render the victim's network unavailable or unusable?
A. distributed denial-of-service (DDoS)
B. spamming botnet
C. phishing botnet
D. denial-of-service (DoS)
✔✔A

Which core component of Cortex combines security orchestration, incident management, and interactive investigation to serve security teams across the incident lifecycle?
A. AutoFocus
B. Cortex XDR
C. Cortex XSOAR
D. Cortex Data Lake
✔✔C

Which type of advanced malware has entire sections of code that serve no purpose other than to change the signature of the malware, thus producing an infinite number of signature hashes for even the smallest of malware programs?
A. distributed
B. polymorphic
C. multi-functional
D. obfuscated
✔✔B

Which type of phishing attack is specifically directed at senior executives or other high-profile targets within an organization?
A. whaling
B. watering hole
C. pharming
D. spear phishing
✔✔A

Which wireless security protocol includes improved security for IoT devices, smart bulbs, wireless appliances, and smart speakers?
A. WPA
B. WPA
C. WPA
D. WEP
✔✔B

Which tactic, technique, or procedure (TTP) masks application traffic over port 443 (HTTPS)?
A. using non-standard ports
B. hopping ports
C. hiding within SSL encryption
D. tunneling
✔✔C

Which specific technology is associated with Web 3.0?
A. social networks
B. instant messaging
C. remote meeting software
D. blockchain
✔✔D

Which Wi-Fi attack leverages device information about which wireless networks it previously connected to?
A. evil twin
B. man-in-the-middle
C. Jasager
D. SSLstrip
✔✔C
B. anti-malware update
C. SaaS
D. threat vector
✔✔D

Which kind of server is a master server that is designed to listen to individual compromised endpoints and respond with appropriate attack commands?
A. command and control
B. bot
C. web
D. directory services
✔✔A

What type of malware can have multiple control servers distributed all over the world with multiple fallback options?
A. logic bombs
B. rootkits
C. advanced or modern
D. exploits
✔✔C

Which type of malware disables protection software?
A. anti-AV
B. Trojan horse
C. ransomware
D. worm
✔✔A

Another term for a bot is a "zombie". (True or False)
✔✔T

The spread of unsolicited content to targeted endpoints is known as what?
A. spamming
B. pharming
C. phishing
D. exploiting
✔✔A

Which type of attack utilizes many endpoints as bots or attackers in a coordinated effort, and can be extremely effective in taking down a website or some other publicly accessible service?
A. Bluetooth
B. adware
C. distributed denial-of-service
D. man-in-the-middle
✔✔C

Which Wi-Fi attack intercepts the victim's web traffic, redirects the victim's browser to a web server that it controls, and serves up whatever content the attacker desires?
A. Evil Twin
B. SSLstrip
C. Emotet
D. Jasager
✔✔B

Which part of APTs indicates that attackers use advanced malware and exploits and typically also have the skills and resources necessary to develop additional cyberattack tools and techniques?
A. Secure
B. Persistent
C. Threat
D. Advanced
✔✔D

WPA2 includes a function that generates a 256-bit key based on a much shorter passphrase created by the administrator of the Wi-Fi network and the service set identifier (SSID) of the AP is used as a salt (random data) for the one-way hash function. (True or False)
✔✔T

Which component of the zero trust conceptual architecture is called a "platform" to reflect that it is made up of multiple distinct (and potentially distributed) security technologies that operate as part of a
Which record specifies authoritative information about a DNS zone such as primary name server, email address of the domain administrator, and domain serial number?
A. Canonical Name (CNAME)
B. Mail Exchanger (MX)
C. Pointer (PTR)
D. Start of Authority (SOA)
✔✔D

Which 32-bit logical address is the most widely deployed version of IP?
A. IPv
B. IPv
C. IPv
D. IPv3
✔✔C

Subnetting should not be used to limit network traffic or limit the number of devices that are visible to, or can connect to, each other. (True or False)
✔✔F

What does the acronym CIDR represent?
A. Classful Inter Dependant Routing
B. Classless Inter-Domain Routing
C. Classless Inter Dependant Routing
D. Classful Inter Domain Routing
✔✔B

Which IDS/IPS system uses a database of known vulnerabilities and attack profiles to identify intrusion attempts?
A. knowledge-based
B. behavior-based
C. intuitive-based
D. standards-based
✔✔A
Which type of system does not perform any preventive action to stop an attack?
A. data loss prevention
B. Intrusion Prevention
C. Unified Threat Management
D. intrusion detection
✔✔D

A robust data loss prevention (DLP) solution can detect data patterns even if the data is encrypted. (True or False)
✔✔T

Which next-generation product replaces UTM appliances to reduce traffic inspection latency?
A. hub
B. switch
C. firewall
D. router
✔✔C

Which malware type can change code and signature patterns with each iteration?
A. polymorphic
B. metamorphic
C. ransomware
D. rooting
✔✔B

Which security method requires passcodes, enables encryption, locks down security settings, and prevents jailbreaking or rooting?
A. policy enforcement
B. software distribution
C. data loss prevention
D. malware protection
✔✔A
B. switch
C. router
D. access point
✔✔C

Which area network separates the control and management processes from the underlying networking hardware for simplified configuration and deployment?
A. wireless local area network (WLAN)
B. software-defined wide area network (SD-WAN)
C. wide area network (WAN)
D. local area network (LAN)
✔✔B

Which category of IoT enables real-time use cases, such as autonomous vehicles, with 4G LTE Advanced Pro delivering speeds in excess of 3Gbps and less than 2 milliseconds of latency?
A. low-power WAN
B. satellite
C. cellular
D. short-range wireless
✔✔C

What is the decimal representation of binary 1111 1101?
A. 251
B. 252
C. 253
D. 254
✔✔C

Which class of address begins with the decimal 130 in the first octet?
A. Class A
B. Class B
C. Class C
D. Class D
✔✔B
Which layer of the OSI model ensures that messages are delivered to the proper device across a physical network?
A. Application
B. Data Link
C. Network
D. Presentation
✔✔B

Which type of firewall operates up to Layer 4 (transport layer) of the OSI model and inspects individual packet headers to determine source and destination IP address, protocol (TCP, UDP, ICMP), and port number?
A. proxy
B. application
C. packet filtering
D. stateful inspection
✔✔C

Which type of system automatically blocks or drops suspicious, pattern-matching activity on the network in real time?
A. Intrusion Detection
B. Unified Threat Management
C. Data Loss Prevention
D. Intrusion Prevention
✔✔D

Which VPN technology has become the standard method of connecting remote endpoint devices back to the enterprise network?
A. L2TP
B. PPTP
C. IPsec
D. SSL
✔✔D
A. Define your protect surface.
B. Architect a Zero Trust network.
C. Create the Zero Trust policy.
D. Map the transaction flows.
✔✔D

Which WildFire verdict is given for a submission that is malicious in nature and intent and can pose security threats (for example, viruses, worms, Trojan horses, rootkits, botnets, and remote-access toolkits)?
A. phishing
B. malware
C. benign
D. grayware
✔✔B

Which value can be achieved by the ability to pool resources in cloud computing?
A. resource aggregation
B. economies of scale and agility
C. application consolidation
D. elasticity
✔✔B

Which cloud solution is hosted in-house and usually is supported by a third party?
A. distributed workforce
B. cloud infrastructure
C. on-premises
D. infrastructure as a service
✔✔C

Which software development concept that also has been applied more generally to IT says that additional future costs for rework are anticipated due to an earlier decision or course of action that was necessary for agility but was not necessarily the most optimal or appropriate decision or course of action?
A. role-based access control
B. technical debt
C. software lifecycle
D. runtime environment
✔✔B

In which cloud service model are customers responsible for securing their virtual machines and the virtual machine operating systems, and for operating system runtime environments, application software, and application data?
A. platform as a service (PaaS)
B. identity as a service (IaaS)
C. software as a service (SaaS)
D. infrastructure as a service (IaaS)
✔✔D

Which type of hypervisor is hosted and runs within an operating system environment?
A. Type 1
B. Type 2
C. Type 3
D. Type 4
✔✔B

Which cloud security best practice is deployed to ensure that every person who views or works with your data has access only to what is absolutely necessary?
A. set appropriate privileges
B. keep cloud software updated
C. build security policies and best practices into cloud images
D. review default settings
✔✔A

Which security consideration is associated with inadvertently missed anti-malware and security patch updates to virtual machines?
A. hypervisor vulnerabilities
B. VM sprawl
C. dormant VMs
Which security technology is designed to help organizations embrace the concepts of cloud and mobility by providing network and network security services from a common cloud-delivered architecture?
A. cloud native
B. secure access service edge (SASE)
C. platform as a service
D. distributed cloud
✔✔B

Which cloud native security platform function remediates vulnerabilities and misconfigurations consistently across the entire build-deploy-run lifecycle?
A. automation
B. integration
C. visibility
D. continuity
✔✔A

Which Prisma SaaS feature connects directly to the applications themselves and provides continuous silent monitoring of the risks within sanctioned SaaS applications, with detailed luminosity that is not possible with traditional security solutions?
A. granular data visibility
B. large scale data control
C. data exposure visibility
D. contextual data exposure
✔✔C

Which sanctioned SaaS use control prevents known and unknown malware from residing in sanctioned SaaS applications, regardless of source?
A. threat prevention
B. data visibility control
C. risk prevention
D. data exposure control
✔✔A
Which type of algorithm does Prisma SaaS use to sort sensitive documents into top-level categories for document classification and categorization?
A. dynamic programming
B. supervised machine learning
C. artificial intelligence
D. recursive
✔✔B

In which cloud computing service model does a provider secure the physical computers running the virtual environment?
A. platform as a service (PaaS)
B. software as a service (SaaS)
C. infrastructure as a service (IaaS)
D. public cloud
✔✔C

Which cloud infrastructure comprises two or more cloud deployment models, bound by standardized or proprietary technology that enables data and application portability?
A. private
B. public
C. community
D. hybrid
✔✔D

What is the purpose of the shared responsibility model?
A. helps your organization scale
B. brings cost and operational benefits but also technology benefits
C. defines who (customer and/or provider) is responsible for what, related to security, in the public cloud
D. pools resources to achieve economies of scale
✔✔C

What allows multiple, virtual operating systems to run concurrently on a single physical host computer?
A. serverless computing
B. micro-VMs
Introducing security checks early in the software development process is part of which development model?
A. DevCyberOps
B. DevSecOps
C. DevOps
D. DevSecTestOps
✔✔B

Organizations are using which resource to expand their on-premises private cloud compute capacity?
A. software defined data centers
B. public cloud
C. virtual storage
D. virtual networks
✔✔B

Which statement about hybrid clouds is incorrect?
A. Hybrid clouds increase operational efficiencies.
B. Hybrid clouds optimize existing hardware resources.
C. Hybrid clouds increase data center costs.
D. Hybrid clouds can handle "bursty" applications through autoscaling.
✔✔C

Which statement about private clouds is incorrect?
A. You need to secure east-west traffic only in a private cloud.
B. Compute clusters allow virtual machines to move freely while preserving compute, storage, networking, and security configurations.
C. North-south traffic refers to data packets moving in and out of a virtualized environment.
D. You can combine multiple physical hosts into one computer cluster.
✔✔A

Which cloud feature continuously monitors an app's behavior and the context of behavior to immediately identify and prevent malicious activity?
A. software configuration management (SCM)
B. cloud access security broker (CASB)
C. integrated development environment (IDE)
D. runtime application self protection (RASP)
✔✔D

Which one of the four Prisma Cloud pillars enforces machine learning-based runtime protection to protect applications and workloads in real time?
A. network protection
B. visibility, governance, and compliance
C. compute security
D. identity security
✔✔C

Prisma Access consistently protects all traffic, on all ports and from all applications. (True or False)
✔✔T

Prisma SaaS is deployed as a standalone inline service between the organization's traditional perimeter-based firewalls and requires a software agent to be installed on mobile devices. (True or False)
✔✔F

Prisma SaaS protects data in hosted files and application entries. (True or False)
✔✔T

Which SaaS application behavior is allowed and provided by information technology (IT)?
A. tolerated
B. prohibited
C. sanctioned
D. unsanctioned
✔✔C

Which element refers to technologies that enable organizations to collect inputs monitored by the Security Operations team?
A. Case Management
B. SIEM
C. SOAR