PALO ALTO PCCET EXAMS: A+ GRADED GUIDE TO ACING
QUESTIONS AND ANSWERS
Which tunneling protocol can you use to connect two Ethernet segments into one?
A. PPP
B. L2TP
C. IPsec (without L2TP)
D. SLIP
B
What is the authentication method that uses usernames and passwords?
A. PAP
B. CHAP
C. MS-CHAP
D. SAP
A
Which form does data need to be in for DLP to work?
A. ASCII
B. cleartext
C. uncompressed
D. encrypted
B
DLP works in which layer of the ISO model?
A. 7, application layer
B. 5, session layer
C. 4, transport layer
D. 3, network layer
A
Which three security functions are integrated with a UTM device? (Choose three.)
A. cloud access security broker (CASB)
B. Remote Browser Isolation (RBI)
C. DevOps automation
D. firewall
E. Intrusion Detection System (IDS)
F. anti-spam
DEF
Which two resources are shared between the different functions of a UTM device? (Choose two.)
A. RAM
B. alert information
,C. CPU
D. attack signatures
E. firewall state
AC
Which two options are endpoints? (Choose two.)
A. laptop computer
B. router/modem/access point combo for a home network
C. physical database server
D. smartphone used to check work email
AD
Which method to identify ransomware that uses a zero-day exploit is available in endpoint protection,
but not on the firewall?
A. attack signatures
B. behavior analysis
C. observation of attack effects
D. data decryption
C
Which option is not part of an endpoint protection solution?
A. firewall
B. antivirus
C. man-in-the-middle decryption
D. intrusion detection
C
Signature-based anti-malware software is considered a reactive countermeasure because a signature
file for new malware can't be created and delivered until the malware is already "in the wild." (True
or False)
T
Which type of malware protection can be bypassed by mutating malware?
A. signature-based
B. container-based
C. application allow lists
D. anomaly detection
A
Which type of malware protection requires in-depth knowledge of applications and how they
communicate?
A. signature-based
B. container-based
, C. application allow lists
D. anomaly detection
B
Which type of malware protection has a problem with legitimate software upgrades?
A. signature-based
B. container-based
C. application allow lists
D. anomaly detection
C
Which type of malware protection is vulnerable to a low and slow approach?
A. signature-based
B. container-based
C. application allow lists
D. anomaly detection
D
Signature-based anti-malware software is considered a proactive security countermeasure. (True or
False)
F
Which two operating systems can have mobile device management (MDM)? (Choose two)
A. iOS
B. MacOS
C. Android
D. Windows
E. Linux
AC
You go on a business visit to another country and you can't access a work application on your cell
phone. Which MDM feature could be the reason?
A. Data loss prevention
B. malware protection
C. remote erase/wipe
D. geofencing and location services
D
You downloaded a confidential file to your phone to use in a business meeting. Now you see it is no
longer there. Which MDM feature could be the reason?
A. data loss prevention
B. malware protection
C. remote erase/wipe
D. geofencing and location services
QUESTIONS AND ANSWERS
Which tunneling protocol can you use to connect two Ethernet segments into one?
A. PPP
B. L2TP
C. IPsec (without L2TP)
D. SLIP
B
What is the authentication method that uses usernames and passwords?
A. PAP
B. CHAP
C. MS-CHAP
D. SAP
A
Which form does data need to be in for DLP to work?
A. ASCII
B. cleartext
C. uncompressed
D. encrypted
B
DLP works in which layer of the ISO model?
A. 7, application layer
B. 5, session layer
C. 4, transport layer
D. 3, network layer
A
Which three security functions are integrated with a UTM device? (Choose three.)
A. cloud access security broker (CASB)
B. Remote Browser Isolation (RBI)
C. DevOps automation
D. firewall
E. Intrusion Detection System (IDS)
F. anti-spam
DEF
Which two resources are shared between the different functions of a UTM device? (Choose two.)
A. RAM
B. alert information
,C. CPU
D. attack signatures
E. firewall state
AC
Which two options are endpoints? (Choose two.)
A. laptop computer
B. router/modem/access point combo for a home network
C. physical database server
D. smartphone used to check work email
AD
Which method to identify ransomware that uses a zero-day exploit is available in endpoint protection,
but not on the firewall?
A. attack signatures
B. behavior analysis
C. observation of attack effects
D. data decryption
C
Which option is not part of an endpoint protection solution?
A. firewall
B. antivirus
C. man-in-the-middle decryption
D. intrusion detection
C
Signature-based anti-malware software is considered a reactive countermeasure because a signature
file for new malware can't be created and delivered until the malware is already "in the wild." (True
or False)
T
Which type of malware protection can be bypassed by mutating malware?
A. signature-based
B. container-based
C. application allow lists
D. anomaly detection
A
Which type of malware protection requires in-depth knowledge of applications and how they
communicate?
A. signature-based
B. container-based
, C. application allow lists
D. anomaly detection
B
Which type of malware protection has a problem with legitimate software upgrades?
A. signature-based
B. container-based
C. application allow lists
D. anomaly detection
C
Which type of malware protection is vulnerable to a low and slow approach?
A. signature-based
B. container-based
C. application allow lists
D. anomaly detection
D
Signature-based anti-malware software is considered a proactive security countermeasure. (True or
False)
F
Which two operating systems can have mobile device management (MDM)? (Choose two)
A. iOS
B. MacOS
C. Android
D. Windows
E. Linux
AC
You go on a business visit to another country and you can't access a work application on your cell
phone. Which MDM feature could be the reason?
A. Data loss prevention
B. malware protection
C. remote erase/wipe
D. geofencing and location services
D
You downloaded a confidential file to your phone to use in a business meeting. Now you see it is no
longer there. Which MDM feature could be the reason?
A. data loss prevention
B. malware protection
C. remote erase/wipe
D. geofencing and location services
