Apprentice Palo Alto Networks Cybersecurity Apprentice Questions and Answers

Question # 4

What does DNS provide?

A. List of local RIP tables
B. Translation of a domain name into an IP address
C. Creation of an IPSec tunnel between networks
D. Network scanning for any vulnerabilities

Question # 5

Which tool resides on a host to identify malicious activity?

A. Instruction Detection System (IDS)
B. Unified threat detection device
C. Endpoint protection agent
D. Next-generation firewall appliance

Question # 6

Which activity increases the ability of endpoint protection to successfully identify threats?

A. Creating honeypots
B. Implementing virtualization
C. Encoding null routes
D. Applying security updates

Question # 7

Which event would generate a false positive alert?

A. A firewall categorizes a benign application as malicious.
B. A network sensor is unable to identify a custom application.
C. A network tunnel accidentally switches from one route to another.
D. An employee attempts to access an unauthorized application.

Question # 8

Which type of device does a Host-Based Intrusion Detection System (HIDS) monitor?

A. Appliance
B. Computer
C. Switch
D. Router

Question # 9

Why is it important to have a clear and well-documented incident response plan?

A. It increases storage for logs and incident events.
B. It provides additional methods to identify users.
C. It increases code deployment efficiency.
D. It reduces the time required to contain and identify a breach.

Question # 10

What is the purpose of the IKE protocol?

A. To manage IP addresses and assign them to devices
B. To authenticate users accessing a wireless network
C. To establish authenticated communication channels
D. To translate domain names into IP addresses

Question # 11

Which stage of the cyber attack lifecycle is characterized by an attacker passing instructions back and forth between infected devices and their own infrastructure?

A. Command-and-control (C2)
B. Exploitation
C. Reconnaissance
D. Weaponization and Delivery

Question # 12

Which concept is a strategic approach to cybersecurity that continuously validates every stage of a digital interaction?

A. Incident response plan implementation
B. Zero Trust adoption
C. Compliance planning
D. Operations playbook development

Question # 13

What is the purpose of continuous deployment in the CI/CD lifecycle?

A. Maintaining a state in which any version of the software can be deployed to a production environment.
B. Merging code changes into a central repository
C. Packaging code into a Docker container for deployment
D. Automatically deploying every change that passes the automated tests to production, minimizing lead time

Question # 14

Which activity is a core component of the Improve function in security operations?

A. Deploying new security tools and technologies
B. Performing routine hardware upgrades
C. Updating incident response plans based on lessons learned
D. Training users on basic cybersecurity awareness

Question # 15

What are two of the four Cs of cloud-native security? (Choose two.)

A. Configurations
B. Code
C. Connections
D. Clusters

Question # 16

What is a desired outcome of automation in a security operations center (SOC)?

A. Increased number of alerts
B. Increased MTTR
C. Increased efficiency
D. Increased false positives

Question # 17

A hub operates on which OSI layer?

A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4

Question # 18

Which statement best distinguishes a Host-Based Intrusion Detection System (HIDS) from a Network-Based Intrusion Detection System (NIDS)?

A. Network-Based is installed on an individual endpoint to monitor all inbound/outbound traffic of that device.
B. Host-Based is installed on an individual endpoint to monitor all inbound/outbound traffic of that traffic.
C. Host-Based directly integrates with the endpoint and is known as the last line of defense.
D. Network-Based directly integrates with the endpoint and is known as the last line of defense.

Question # 19

Syslog would be used for which activity?

A. Transferring log events within networks
B. Securing endpoints via runtime protection
C. Securing logs collected from endpoints
D. Connecting to a system remotely

Question # 20

What is the primary purpose of an Intrusion Prevention System (IPS)?

A. Detecting malicious traffic before reaching trusted network
B. Filtering malicious traffic before reaching trusted network
C. Building code for server infrastructure
D. Deploying scanners for server infrastructure

Question # 21

In which cloud service model does a company use hardware resources from a cloud service provider?

A. Platform as a service (PaaS)
B. Software as a service (SaaS)
C. Network as a service (NaaS)
D. Infrastructure as a service (IaaS)

Question # 22

Why would an organization implement a demilitarized zone (DMZ)?

A. To provision multiple external zones that allow for destination NAT
B. To facilitate the use of SD-WAN departments within an organization
C. To allow effective communications with other organizations
D. To protect internal resources while still allowing access to public-facing internet services

Question # 23

What is an effective use case of URL filtering?

A. Monitoring threat logs and traffic logs
B. Restricting access to phishing websites
C. Acting as a sandbox for potentially malicious files
D. Discovering internet of things (IoT) devices

Question # 24

What is the primary goal of the Weaponization and Delivery stage in the cyber attack lifecycle?

A. Developing and testing malware for bypassing defenses
B. Ensuring compliance with Security policies
C. Distributing compromised hardware to targets
D. Creating a malicious payload by using vulnerabilities

Question # 25

Which scenario is an example of east-west traffic?

A. A virtual machine (VM) communicates with a host on the internet.
B. A traffic pattern passes through perimeter-focused defense.
C. A host computer communicates with an infected offsite server.
D. A host computer communicates with a virtual machine (VM) in the same network.

Question # 26

Which pillar should a company focus on first when establishing a new security operations department?

A. Technology
B. Processes
C. People
D. Business

Question # 27

Which attack takes place in the Exploitation phase of the cyber attack lifecycle?

A. Weaponized PDF file executing on a target
B. Malicious phishing link sent to a target
C. Polymorphic malware altering its structure on a target after gaining access
D. Undisclosed software vulnerability used to gain remote access to a target

Question # 28

What is a function of a Network-Based Intrusion Detection System (NIDS)?

A. Scanning and quarantining infected files on a host machine
B. Proxying traffic before reaching an internal network
C. Blocking malicious traffic from entering a network in real time
D. Monitoring network traffic and reporting results to an administrator

Question # 29

What are two functions of VPN gateways? (Choose two.)

A. Certificate refresh
B. Site-to-Site connectivity
C. Remote access
D. URL filtering

Question # 30

Which type of segmentation divides traffic based on the interface on which a packet is received or sent?

A. Zone
B. Port
C. Application
D. Role

Question # 31

Which components are secured by the cloud provider in a shared responsibility model?

A. Virtual machines
B. On-premises connectivity to hosts
C. Website authentication
D. Host servers

Question # 32

How is Zero Trust implemented on a network?

A. By assigning all security to a proxy solution
B. By designating failover paths
C. By inspecting and validating traffic continuously
D. By removing excess network devices

Question # 33

What is a self-contained operating environment that behaves like a computer separate from the physical host?

A. WAN accelerator
B. Virtual Machine (VM)
C. Hypervisor
D. Container

Question # 34

What are two components of a cloud-native security platform (CNSP)? (Choose two.)

A. Asset inventory
B. VPN
C. Endpoint security
D. Identity and access management (IAM)