PCCSA – Modules | 100% Correct
Answers | Verified | Latest 2024 Version
A Zero Trust network security model is based on which security principle? - ✔✔Least privilege
Which capability of a Zero-Trust segmentation platform uses a combination of anti-malware, intrusion
prevention, and cyberthreat prevention technologies to provide comprehensive protection against both
known and unknown threats, including threats on mobile devices? - ✔✔Cyberthreat protection
True or False: The primary issue with a perimeter-based network security strategy in which
countermeasures are deployed at a handful of well-defined ingress and egress points to the network is
that it relies on the assumption that everything on the internal network can be trusted. - ✔✔True
Which of the following is not a benefit of implementing a Zero-Trust network? - ✔✔Higher total cost of
ownership (TCO) with a consolidated and fully integrated security operating platform.
True or False: The principle of least privilege in network security requires that only the permission or
access rights necessary to perform an authorized task is denied. - ✔✔False
True or False: The single pass architecture of the NGFW integrates multiple threat prevention disciplines
(PIS, anti-malware, URL filtering, etc.) into a single stream-based engine with a uniform signature format.
- ✔✔True
Which application identification technique determines whether the initially detected application
protocol is the "real one" or if it is being used as a tunnel to hide the actual application (for example, Tor
might run inside HTTPS). - ✔✔Application protocol decoding
On the NGFW, which type of User-ID technique can be configured to probe Microsoft Windows servers
for active network sessions of a user? - ✔✔Client Probing
, True or False: Content-ID is an Intrusion Prevention feature that protects networks from all types of
vulnerability exploits, buffer overflows, DoS attacks, and port scans that lead to the compromise of
confidential and sensitive enterprise information. - ✔✔True
Which Content-ID filtering capability controls the transfer of sensitive data patterns such as credit card
and social security numbers in application content and attachments? - ✔✔Data filtering
Which of the following is used to describe the information used in conjunction with an algorithm to
create ciphertext from plaintext? - ✔✔Key
Which of the following terms describes the process of making and using codes to secure the
transmission of information? - ✔✔Cryptography
The science of encryption is known as which of the following? - ✔✔Cryptology
Which of the following is a hybrid cryptosystem that has become the open-source de facto standard for
encryption and authentication of e-mail and file storage applications? - ✔✔PGP
What term is used to describe a cryptographic method that incorporates mathematical operations
involving both a public key and a private key to encipher or decipher a message? - ✔✔Asymmetric
encryption
Which algorithm was the first public-key encryption algorithm developed (in 1977) and published for
commercial use. - ✔✔RSA
The process of hiding information within other files, such as digital pictures or other images, is known as
which of the following? - ✔✔Steganography
Which of the following is considered to be the strongest symmetric encryption cryptosystem? -
✔✔Advanced Encryption Standard (AES)
Answers | Verified | Latest 2024 Version
A Zero Trust network security model is based on which security principle? - ✔✔Least privilege
Which capability of a Zero-Trust segmentation platform uses a combination of anti-malware, intrusion
prevention, and cyberthreat prevention technologies to provide comprehensive protection against both
known and unknown threats, including threats on mobile devices? - ✔✔Cyberthreat protection
True or False: The primary issue with a perimeter-based network security strategy in which
countermeasures are deployed at a handful of well-defined ingress and egress points to the network is
that it relies on the assumption that everything on the internal network can be trusted. - ✔✔True
Which of the following is not a benefit of implementing a Zero-Trust network? - ✔✔Higher total cost of
ownership (TCO) with a consolidated and fully integrated security operating platform.
True or False: The principle of least privilege in network security requires that only the permission or
access rights necessary to perform an authorized task is denied. - ✔✔False
True or False: The single pass architecture of the NGFW integrates multiple threat prevention disciplines
(PIS, anti-malware, URL filtering, etc.) into a single stream-based engine with a uniform signature format.
- ✔✔True
Which application identification technique determines whether the initially detected application
protocol is the "real one" or if it is being used as a tunnel to hide the actual application (for example, Tor
might run inside HTTPS). - ✔✔Application protocol decoding
On the NGFW, which type of User-ID technique can be configured to probe Microsoft Windows servers
for active network sessions of a user? - ✔✔Client Probing
, True or False: Content-ID is an Intrusion Prevention feature that protects networks from all types of
vulnerability exploits, buffer overflows, DoS attacks, and port scans that lead to the compromise of
confidential and sensitive enterprise information. - ✔✔True
Which Content-ID filtering capability controls the transfer of sensitive data patterns such as credit card
and social security numbers in application content and attachments? - ✔✔Data filtering
Which of the following is used to describe the information used in conjunction with an algorithm to
create ciphertext from plaintext? - ✔✔Key
Which of the following terms describes the process of making and using codes to secure the
transmission of information? - ✔✔Cryptography
The science of encryption is known as which of the following? - ✔✔Cryptology
Which of the following is a hybrid cryptosystem that has become the open-source de facto standard for
encryption and authentication of e-mail and file storage applications? - ✔✔PGP
What term is used to describe a cryptographic method that incorporates mathematical operations
involving both a public key and a private key to encipher or decipher a message? - ✔✔Asymmetric
encryption
Which algorithm was the first public-key encryption algorithm developed (in 1977) and published for
commercial use. - ✔✔RSA
The process of hiding information within other files, such as digital pictures or other images, is known as
which of the following? - ✔✔Steganography
Which of the following is considered to be the strongest symmetric encryption cryptosystem? -
✔✔Advanced Encryption Standard (AES)
