Palo Alto Networks PCCET (Palo Alto Networks Certified Cybersecurity Entry-level Technician) Exam Practice Test

Page: 1 / 16
Total 158 questions

Palo Alto Networks Certified Cybersecurity Entry-level Technician Questions and Answers

Question 1

What is the key to “taking down” a botnet?

Options:

A. prevent bots from communicating with the C2

B. install OpenVAS software on endpoints

C. use LDAP as a directory service

D. block Docker engine software on endpoints

Question 2

You received an email, allegedly from a bank, that asks you to click a malicious link to take action on your account.

Which type of attack is this?

Options:

A. Whaling

B. Spamming

C. Spear phishing

D. Phishing

Question 3

Based on how much is managed by the vendor, where can CaaS be situated in the spread of cloud computing services?

Options:

A. between PaaS and FaaS

B. between IaaS and PaaS

C. between On-Prem and IaaS

D. between FaaS and Serverless

Question 4

In addition to local analysis, what can send unknown files to WildFire for discovery and deeper analysis to rapidly detect potentially unknown malware?

Options:

A. Cortex XDR

B. AutoFocus

C. MineMeld

D. Cortex XSOAR

Question 5

Match the IoT connectivity description with the technology.

Options:

Question 6

What is used to orchestrate, coordinate, and control clusters of containers?

Options:

A. Kubernetes

B. Prisma SaaS

C. Docker

D. CN-Series

Question 7

Why is it important to protect East-West traffic within a private cloud?

Options:

A. All traffic contains threats, so enterprises must protect against threats across the entire network

B. East-West traffic contains more session-oriented traffic than other traffic

C. East-West traffic contains more threats than other traffic

D. East-West traffic uses IPv6 which is less secure than IPv4

Question 8

Which of the following is an AWS serverless service?

Options:

A. Beta

B. Kappa

C. Delta

D. Lambda

Question 9

Which NGFW feature is used to provide continuous identification, categorization, and control of known and previously unknown SaaS applications?

Options:

A. User-ID

B. Device-ID

C. App-ID

D. Content-ID

Question 10

Which security component should you configure to block viruses not seen and blocked by the perimeter firewall?

Options:

A. endpoint antivirus software

B. strong endpoint passwords

C. endpoint disk encryption

D. endpoint NIC ACLs

Question 11

Which of these ports is normally associated with HTTPS?

Options:

A. 443

B. 5050

C. 25

D. 80

Question 12

How does Cortex XSOAR Threat Intelligence Management (TIM) provide relevant threat data to analysts?

Options:

A. It creates an encrypted connection to the company's data center.

B. It performs SSL decryption to give visibility into user traffic.

C. It prevents sensitive data from leaving the network.

D. It automates the ingestion and aggregation of indicators.

Question 13

A native hypervisor runs:

Options:

A. with extreme demands on network throughput

B. only on certain platforms

C. within an operating system’s environment

D. directly on the host computer’s hardware

Question 14

Which statement is true about advanced persistent threats?

Options:

A. They use script kiddies to carry out their attacks.

B. They have the skills and resources to launch additional attacks.

C. They lack the financial resources to fund their activities.

D. They typically attack only once.

Question 15

In the network diagram below, which device is the router?

Options:

A. A

B. C

C. D

D. B

Question 16

Which two network resources does a directory service database contain? (Choose two.)

Options:

A. Services

B. /etc/shadow files

C. Users

D. Terminal shell types on endpoints

Question 17

In which situation would a dynamic routing protocol be the quickest way to configure routes on a router?

Options:

A. the network is large

B. the network is small

C. the network has low bandwidth requirements

D. the network needs backup routes

Question 18

Which tool supercharges security operations center (SOC) efficiency with the world’s most comprehensive operating platform for enterprise security?

Options:

A. Prisma SaaS

B. WildFire

C. Cortex XDR

D. Cortex XSOAR

Question 19

Which characteristic of serverless computing enables developers to quickly deploy application code?

Options:

A. Uploading cloud service autoscaling services to deploy more virtual machines to run their application code based on user demand

B. Uploading the application code itself, without having to provision a full container image or any OS virtual machine components

C. Using cloud service spot pricing to reduce the cost of using virtual machines to run their application code

D. Using Container as a Service (CaaS) to deploy application containers to run their code.

Question 20

Match the Palo Alto Networks WildFire analysis verdict with its definition.

Options:

Question 21

Match the DNS record type to its function within DNS.

Options:

Question 22

You have been invited to a public cloud design and architecture session to help deliver secure east-west flows and secure Kubernetes workloads.

What deployment options do you have available? (Choose two.)

Options:

A. PA-Series

B. VM-Series

C. Panorama

D. CN-Series

Question 23

What is required for a SIEM to operate correctly to ensure a translated flow from the system of interest to the SIEM data lake?

Options:

A. connectors and interfaces

B. infrastructure and containers

C. containers and developers

D. data center and UPS

Question 24

Which element of the security operations process is concerned with using external functions to help achieve goals?

Options:

A. interfaces

B. business

C. technology

D. people

Question 25

SecOps consists of interfaces, visibility, technology, and which other three elements? (Choose three.)

Options:

A. People

B. Accessibility

C. Processes

D. Understanding

E. Business

Question 26

Under which category does an application that is approved by the IT department, such as Office 365, fall?

Options:

A. unsanctioned

B. prohibited

C. tolerated

D. sanctioned

Question 27

TCP is the protocol of which layer of the OSI model?

Options:

A. Transport

B. Session

C. Data Link

D. Application

Question 28

What protocol requires all routers in the same domain to maintain a map of the network?

Options:

A. EIGRP

B. Static

C. RIP

D. OSPF

Question 29

What does “forensics” refer to in a Security Operations process?

Options:

A. Collecting raw data needed to complete the detailed analysis of an investigation

B. Validating cyber analysts’ backgrounds before hiring

C. Reviewing information about a broad range of activities

D. Analyzing new IDS/IPS platforms for an enterprise

Question 30

At which layer of the OSI model are routing protocols defined?

Options:

A. Network

B. Physical

C. Transport

D. Data Link

Question 31

Which Palo Alto subscription service identifies unknown malware, zero-day exploits, and advanced persistent threats (APTs) through static and dynamic analysis in a scalable, virtual environment?

Options:

A. DNS Security

B. URL Filtering

C. WildFire

D. Threat Prevention

Question 32

In addition to integrating the network and endpoint components, what other component does Cortex integrate to speed up IoC investigations?

Options:

A. Computer

B. Switch

C. Infrastructure

D. Cloud

Question 33

Which option is a Prisma Access security service?

Options:

A. Compute Security

B. Firewall as a Service (FWaaS)

C. Virtual Private Networks (VPNs)

D. Software-defined wide-area networks (SD-WANs)

Question 34

Which of the following is a service that allows you to control permissions assigned to users in order for them to access and utilize cloud resources?

Options:

A. User-ID

B. Lightweight Directory Access Protocol (LDAP)

C. User and Entity Behavior Analytics (UEBA)

D. Identity and Access Management (IAM)

Question 35

From which resource does Palo Alto Networks AutoFocus correlate and gain URL filtering intelligence?

Options:

A. Unit 52

B. PAN-DB

C. BrightCloud

D. MineMeld

Question 36

Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) fall under which Prisma Access service layer?

Options:

A. Network

B. Management

C. Cloud

D. Security

Question 37

Which organizational function is responsible for security automation and eventual vetting of the solution to help ensure consistency through machine-driven responses to security issues?

Options:

A. NetOps

B. SecOps

C. SecDevOps

D. DevOps

Question 38

Which network analysis tool can be used to record packet captures?

Options:

A. Smart IP Scanner

B. Wireshark

C. Angry IP Scanner

D. Netman

Question 39

With regard to cloud-native security in layers, what is the correct order of the four C's from the top (surface) layer to the bottom (base) layer?

Options:

A. container, code, cluster, cloud

B. code, container, cluster, cloud

C. code, container, cloud, cluster

D. container, code, cloud, cluster

Question 40

Anthem server breaches disclosed Personally Identifiable Information (PII) from a number of its servers. The infiltration by hackers was attributed to which type of vulnerability?

Options:

A. an intranet-accessed contractor’s system that was compromised

B. exploitation of an unpatched security vulnerability

C. access by using a third-party vendor’s password

D. a phishing scheme that captured a database administrator’s password

Question 41

Which method is used to exploit vulnerabilities, services, and applications?

Options:

A. encryption

B. port scanning

C. DNS tunneling

D. port evasion

Question 42

Which technique changes protocols at random during a session?

Options:

A. use of non-standard ports

B. port hopping

C. hiding within SSL encryption

D. tunneling within commonly used services

Question 43

Which Palo Alto Networks subscription service complements App-ID by enabling you to configure the next-generation firewall to identify and control access to websites and to protect your organization from websites hosting malware and phishing pages?

Options:

A. Threat Prevention

B. DNS Security

C. WildFire

D. URL Filtering

Question 44

How does DevSecOps improve the Continuous Integration/Continuous Deployment (CI/CD) pipeline?

Options:

A. DevSecOps improves pipeline security by assigning the security team as the lead team for continuous deployment

B. DevSecOps ensures the pipeline has horizontal intersections for application code deployment

C. DevSecOps unites the Security team with the Development and Operations teams to integrate security into the CI/CD pipeline

D. DevSecOps does security checking after the application code has been processed through the CI/CD pipeline

Question 45

To which subnet does the host 192.168.19.36/27 belong?

Options:

A. 192.168.19.0

B. 192.168.19.16

C. 192.168.19.64

D. 192.168.19.32

Question 46

In SecOps, what are two of the components included in the identify stage? (Choose two.)

Options:

A. Initial Research

B. Change Control

C. Content Engineering

D. Breach Response

Question 47

In an IDS/IPS, which type of alarm occurs when legitimate traffic is improperly identified as malicious traffic?

Options:

A. False-positive

B. True-negative

C. False-negative

D. True-positive
