ExamGecko

Palo Alto Networks PCCET Practice Test - Questions Answers, Page 12


What is a key advantage and key risk in using a public cloud environment?

A. Multi-tenancy
B. Dedicated Networks
C. Dedicated Hosts
D. Multiplexing

Suggested answer: A

Explanation:

Multitenancy is a key characteristic of the public cloud, and an important risk. Although public cloud providers strive to ensure isolation between their various customers, the infrastructure and resources in the public cloud are shared. Inherent risks in a shared environment include misconfigurations, inadequate or ineffective processes and controls, and the "noisy neighbor" problem (excessive network traffic, disk I/O, or processor use can negatively impact other customers sharing the same resource). In hybrid and multicloud environments that connect numerous public and/or private clouds, the delineation becomes blurred, complexity increases, and security risks become more challenging to address.

Which network device breaks networks into separate broadcast domains?

A. Hub
B. Layer 2 switch
C. Router
D. Wireless access point

Suggested answer: C

Explanation:

A Layer 2 switch will break up collision domains but not broadcast domains. To break up broadcast domains, you need a Layer 3 switch with VLAN capabilities.

Which type of IDS/IPS uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt?

A. Knowledge-based
B. Signature-based
C. Behavior-based
D. Database-based

Suggested answer: C

Explanation:

IDSs and IPSs also can be classified as knowledge-based (or signature-based) or behavior-based (or statistical anomaly-based) systems:

A knowledge-based system uses a database of known vulnerabilities and attack profiles to identify intrusion attempts. These types of systems have lower false-alarm rates than behavior-based systems but must be continually updated with new attack signatures to be effective.

A behavior-based system uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt. These types of systems are more adaptive than knowledge-based systems and therefore may be more effective in detecting previously unknown vulnerabilities and attacks, but they have a much higher false-positive rate than knowledge-based systems.

Which NGFW feature is used to provide continuous identification, categorization, and control of known and previously unknown SaaS applications?

A. User-ID
B. Device-ID
C. App-ID
D. Content-ID

Suggested answer: C

Explanation:

App-ID technology leverages the power of the broad global community to provide continuous identification, categorization, and granular risk-based control of known and previously unknown SaaS applications, ensuring new applications are discovered automatically as they become popular.

In an IDS/IPS, which type of alarm occurs when legitimate traffic is improperly identified as malicious traffic?

A. False-positive
B. True-negative
C. False-negative
D. True-positive

Suggested answer: A

Explanation:

In anti-malware, a false positive incorrectly identifies a legitimate file or application as malware. A false negative incorrectly identifies malware as a legitimate file or application. In intrusion detection, a false positive incorrectly identifies legitimate traffic as a threat, and a false negative incorrectly identifies a threat as legitimate traffic.

DRAG DROP

Given the graphic, match each stage of the cyber-attack lifecycle to its description.



[Question 116: graphic and correct-answer image not included]

DRAG DROP

Match the Identity and Access Management (IAM) security control with the appropriate definition.


[Question 117: graphic and correct-answer image not included]

Which classification of IDS/IPS uses a database of known vulnerabilities and attack profiles to identify intrusion attempts?

A. Statistical-based
B. Knowledge-based
C. Behavior-based
D. Anomaly-based

Suggested answer: B

Explanation:

A knowledge-based system uses a database of known vulnerabilities and attack profiles to identify intrusion attempts. These types of systems have lower false-alarm rates than behavior-based systems but must be continually updated with new attack signatures to be effective.

A behavior-based system uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt. These types of systems are more adaptive than knowledge-based systems and therefore may be more effective in detecting previously unknown vulnerabilities and attacks, but they have a much higher false-positive rate than knowledge-based systems.

What is a characteristic of the National Institute of Standards and Technology (NIST) defined cloud computing model?

A. requires the use of only one cloud service provider
B. enables on-demand network services
C. requires the use of two or more cloud service providers
D. defines any network service

Suggested answer: B

Explanation:

According to the NIST definition, cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction [1]. One of the essential characteristics of cloud computing is on-demand self-service, which means that users can request and obtain computing resources as needed, without requiring human intervention from the service provider [2]. On-demand network services are an example of this characteristic, as they allow users to access network resources such as bandwidth, routing, firewall, or load balancing, on demand and in a scalable manner [3].

Reference:

1. The NIST definition of cloud computing
2. SP 800-145, The NIST Definition of Cloud Computing | CSRC
3. On-Demand Network Services - Palo Alto Networks

Which element of the security operations process is concerned with using external functions to help achieve goals?

A. interfaces
B. business
C. technology
D. people

Suggested answer: A

Explanation:

The six pillars include:

1. Business (goals and outcomes)

2. People (who will perform the work)

3. Interfaces (external functions to help achieve goals)

4. Visibility (information needed to accomplish goals)

5. Technology (capabilities needed to provide visibility and enable people)

6. Processes (tactical steps required to execute on goals)

Total 159 questions