Palo Alto All Questions And Answers

C - ANS In which cloud computing service model does a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure? A. Platform as a Service (PaaS) B. Infrastructure as a Service (IaaS) C. Software as a Service (SaaS) D. Public Cloud T - ANS Business intelligence (BI) software consists of tools and techniques used to surface large amounts of raw unstructured data to perform a variety of tasks including data mining, event processing, and predictive analytics. (True or False) T - ANS The process in which end users find personal technology and apps that are more powerful or capable, more convenient, less expensive, quicker to install, and easier to use than enterprise IT solutions is known as consumerization. (True or False) T - ANS An organization can be compliant with all applicable security and privacy regulations for its industry, yet still not be secure. (True or False) HIPAA - ANS The U.S. law that establishes national standards to protect individuals' medical records and other health information is known as _______. F - ANS Most cyberattacks today are perpetrated by internal threat actors such as malicious employees engaging in corporate espionage. (True or False) F - ANS The Cyber-Attack Lifecycle is a five-step process that an attacker goes through to attack a network. (True or False) Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives - ANS List the steps of the Cyber-Attack Lifecycle. F - ANS An attacker needs to succeed in executing only one step of the Cyber-Attack Lifecycle to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack. (True or False) C - ANS Which technique is not used to break the command-and-control (C&C) phase of the Cyber-Attack Lifecycle? A. Blocking outbound traffic to known malicious sites and IP addresses B. DNS sinkholing and DNS poisoning C. Vulnerability and patch management D. All of the above T - ANS The key to breaking the Cyber-Attack Lifecycle during the Installation phase is to implement network segmentation, a Zero Trust model, and granular control of applications to limit or restrict an attacker's lateral movement within the network. (True or False) T - ANS Network firewalls cannot completely protect hosts from zero-day exploits. (True or False) Zero-day - ANS _______________ exploits target unknown vulnerabilities in operating system and application software on a host machine. B - ANS Which option describes malicious software or code that typically takes control of, collects information from, or damages an infected endpoint? A. Exploit B. Malware C. Vulnerability D. None of the above D - ANS Which option is an important characteristic or capability of advanced malware? A. Distributed, fault-tolerant architecture B. Multi-functionality C. Hiding techniques such as polymorphism, metamorphism, and obfuscation D. All of the above F - ANS A vulnerability is a small piece of software code, part of a malformed data file, or a sequence (string) of commands created by an attacker to cause unintended or unanticipated behavior in a system or software. (True or False) F - ANS New exploits can be crafted from any number of more than a thousand core exploit techniques. (True or False) F - ANS Wired Equivalent Privacy (WEP) is an effective protocol for securing wireless networks. (True or False) hash - ANS A _________________ is a mathematical function that creates a unique representation of a larger set of data in a manner that is easy to compute in one direction, but not in the reverse direction. router - ANS A _________________ sends data packets to destination networks along a network path using logical addresses. C - ANS Which option is an example of a static routing protocol? A. Open Shortest Path First (OSPF) B. Border Gateway Protocol (BGP) C. Routing Information Protocol (RIP) D. Split horizon ABC - ANS Which three options are dynamic routing protocols? (Choose three.) A. Distance-vector B. Path-vector C. Link-state D. Point-to-point T - ANS The internet is an example of a wide-area network (WAN). (True or False) DNS - ANS _________________ is a distributed, hierarchical internet database that maps FQDNs to IP addresses. A - ANS Which option is an example of a logical address? A. IP address B. Hardware address C. MAC address D. Burned-in address 8 - ANS An IPv4 address consists of four ______-bit octets. Subnetting - ANS _________________ is a technique used to divide a large network into smaller, multiple subnetworks by segmenting an IPv4 address into a network and host portion. C - ANS The OSI model consists of how many layers? A. Four B. Six C. Seven D. Nine AC - ANS Which two protocols function at the Transport layer of the OSI model? A. Transmission Control Protocol (TCP) B. Internet Protocol (IP) C. User Datagram Protocol (UDP) D. Hypertext Transfer Protocol (HTTP) LLC and MAC - ANS The Data Link layer of the OSI model is further divided into these two sublayers: _____ and _____. ABDE - ANS Which four layers comprise the TCP/IP model? (Choose four.) A. Application B. Transport C. Physical D. Internet E. Network Access encapsulation - ANS The process that wraps protocol information from the (OSI or TCP/IP) layer immediately above in the data section of the layer immediately below is known as __________. B - ANS A Zero Trust network security model is based on which security principle? a) due diligence b) least privilege c) non-repudiation d) negative control C - ANS Intra-VM traffic is also known as which type of traffic? a) north-south b) unknown c) east-west d) untrusted B - ANS What does the first phase of implementing security in virtualized data centers consist of? a) consolidating servers across trust levels b) consolidating servers within trust levels c) selectively virtualizing network security functions d) implementing a dynamic computing fabric F - ANS A dynamic packet filtering firewall inspects each individual packet during a session to determine if the traffic should be allowed, blocked, or dropped by the firewall. (True or False) ABC - ANS What are three characteristics of application firewalls? (Choose three.) a) proxies traffic rather than permitting direct communication between hosts b) can be used to implement strong user authentication c) masks the internal network from untrusted networks d) is extremely fast and has no impact on network performance C - ANS Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network? a) point-to-point tunneling protocol (PPTP) b) secure socket tunneling protocol (SSTP) c) Secure Sockets Layer (SSL) d) Internet Protocol Security (IPsec) C - ANS Which is NOT a characteristic of Unified Threat Management (UTM)? a) It combines security functions such as firewalls, intrusion detection systems (IDS), anti-malware, and data loss prevention (DLP) in a single appliance. b) enabling all of the security functions in a UTM device can have a significant performance impact.