ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCCET
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Palo Alto Networks subscription service complements App-ID by enabling you to configure the next- generation firewall to identify and control access to websites and to protect your organization from websites hosting malware and phishing pages?
Layer 4 of the TCP/IP Model corresponds to which three Layer(s) of the OSI Model? (Choose three.)
What type of area network connects end-user devices?
In an IDS/IPS, which type of alarm occurs when legitimate traffic is improperly identified as malicious traffic?
Which model would a customer choose if they want full control over the operating system(s) running on their cloud computing platform?
An Administrator wants to maximize the use of a network address. The network is 192.168.6.0/24 and there are three subnets that need to be created that can not overlap. Which subnet would you use for the network with 120 hosts? Requirements for the three subnets: Subnet 1: 3 host addresses Subnet 2: 25 host addresses Subnet 3: 120 host addresses
How does DevSecOps improve the Continuous Integration/Continuous Deployment (CI/CD) pipeline?
Which security component can detect command-and-control traffic sent from multiple endpoints within a corporate data center?
What are three benefits of the cloud native security platform? (Choose three.)
Which of these ports is normally associated with HTTPS?

Question 87 - PCCET discussion

Report
Export

What is the recommended method for collecting security logs from multiple endpoints?

A.
Leverage an EDR solution to request the logs from endpoints.
Answers
A.
Leverage an EDR solution to request the logs from endpoints.
B.
Connect to the endpoints remotely and download the logs.
Answers
B.
Connect to the endpoints remotely and download the logs.
C.
Configure endpoints to forward logs to a SIEM.
Answers
C.
Configure endpoints to forward logs to a SIEM.
D.
Build a script that pulls down the logs from all endpoints.
Answers
D.
Build a script that pulls down the logs from all endpoints.
Suggested answer: C

Explanation:

A SIEM (Security Information and Event Management) is a system that collects, analyzes, and correlates security logs from multiple sources, such as endpoints, firewalls, servers, etc. A SIEM can provide a centralized and comprehensive view of the security posture of an organization, as well as detect and respond to threats. Configuring endpoints to forward logs to a SIEM is the recommended method for collecting security logs from multiple endpoints, as it reduces the network bandwidth and storage requirements, simplifies the log management process, and enables faster and more effective security analysis. Leveraging an EDR (Endpoint Detection and Response) solution to request the logs from endpoints is not recommended, as it may cause performance issues on the endpoints, increase the network traffic, and create a dependency on the EDR solution. Connecting to the endpoints remotely and downloading the logs is not recommended, as it is a manual and time-consuming process, prone to errors and inconsistencies, and may expose the endpoints to unauthorized access. Building a script that pulls down the logs from all endpoints is not recommended, as it requires technical skills and maintenance, may not be compatible with different endpoint platforms, and may introduce security risks if the script is compromised or misconfigured.Reference:

Palo Alto Networks Certified Cybersecurity Entry-level Technician (PCCET) - Palo Alto Networks

Fundamentals of Security Operations Center (SOC)

10 Palo Alto Networks PCCET Exam Practice Questions - CBT Nuggets

Show Answer
asked 23/09/2024
Jonno Sweeney
44 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms