Summer Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Paloalto Networks > Certified Cybersecurity Associate > PCCET

PCCET Palo Alto Networks Certified Cybersecurity Entry-level Technician Question and Answers

Question # 4

Which action must Secunty Operations take when dealing with a known attack?

A.

Document, monitor, and track the incident.

B.

Limit the scope of who knows about the incident.

C.

Increase the granularity of the application firewall.

D.

Disclose details of lhe attack in accordance with regulatory standards.

Full Access
Question # 5

Which type of IDS/IPS uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt?

A.

Knowledge-based

B.

Signature-based

C.

Behavior-based

D.

Database-based

Full Access
Question # 6

Which key component is used to configure a static route?

A.

router ID

B.

enable setting

C.

routing protocol

D.

next hop IP address

Full Access
Question # 7

Routing Information Protocol (RIP), uses what metric to determine how network traffic should flow?

A.

Shortest Path

B.

Hop Count

C.

Split Horizon

D.

Path Vector

Full Access
Question # 8

Which product from Palo Alto Networks enables organizations to prevent successful cyberattacks as well as simplify and strengthen security processes?

A.

Expedition

B.

AutoFocus

C.

MineMeld

D.

Cortex XDR

Full Access
Question # 9

Which three services are part of Prisma SaaS? (Choose three.)

A.

Data Loss Prevention

B.

DevOps

C.

Denial of Service

D.

Data Exposure Control

E.

Threat Prevention

Full Access
Question # 10

If an endpoint does not know how to reach its destination, what path will it take to get there?

A.

The endpoint will broadcast to all connected network devices.

B.

The endpoint will not send the traffic until a path is clarified.

C.

The endpoint will send data to the specified default gateway.

D.

The endpoint will forward data to another endpoint to send instead.

Full Access
Question # 11

Which core component is used to implement a Zero Trust architecture?

A.

VPN Concentrator

B.

Content Identification

C.

Segmentation Platform

D.

Web Application Zone

Full Access
Question # 12

An Administrator wants to maximize the use of a network address. The network is 192.168.6.0/24 and there are three subnets that need to be created that can not overlap. Which subnet would you use for the network with 120 hosts?

Requirements for the three subnets: Subnet 1: 3 host addresses

Subnet 2: 25 host addresses

Subnet 3: 120 host addresses

A.

192.168.6.168/30

B.

192.168.6.0/25

C.

192.168.6.160/29

D.

192.168.6.128/27

Full Access
Question # 13

What is the definition of a zero-day threat?

A.

The amount of time it takes to discover a vulnerability and release a security fix

B.

The period between the discovery of a vulnerability and development and release of a patch

C.

The day a software vendor becomes aware of an exploit and prevents any further hacking

D.

A specific day during which zero threats occurred

Full Access
Question # 14

With regard to cloud-native security in layers, what is the correct order of the four C's from the top (surface) layer to the bottom (base) layer?

A.

container, code, cluster, cloud

B.

code, container, cluster, cloud

C.

code, container, cloud, cluster

D.

container, code, cloud, cluster

Full Access
Question # 15

Which three layers of the OSI model correspond to the Application Layer (L4) of the TCP/IP model?

A.

Session, Transport, Network

B.

Application, Presentation, and Session

C.

Physical, Data Link, Network

D.

Data Link, Session, Transport

Full Access
Question # 16

Match each description to a Security Operating Platform key capability.

Full Access
Question # 17

What are three benefits of the cloud native security platform? (Choose three.)

A.

Increased throughput

B.

Exclusivity

C.

Agility

D.

Digital transformation

E.

Flexibility

Full Access
Question # 18

Which native Windows application can be used to inspect actions taken at a specific time?

A.

Event Viewer

B.

Timeline inspector

C.

Task Manager

D.

Task Scheduler

Full Access
Question # 19

Which two statements describe the Jasager attack? (Choose two.)

A.

â–¡ The victim must manually choose the attacker s access point

B.

â–¡ It actively responds to beacon reguests.

C.

â–¡ It tries to get victims to conned at random.

D.

â–¡ The attacker needs to be wilhin close proximity of the victim.

Full Access
Question # 20

Which pillar of Prisma Cloud application security does vulnerability management fall under?

A.

dynamic computing

B.

identity security

C.

compute security

D.

network protection

Full Access
Question # 21

Which Palo Alto Networks product provides playbooks with 300+ multivendor integrations that help solve any security use case?

A.

Cortex XSOAR

B.

Prisma Cloud

C.

AutoFocus

D.

Cortex XDR

Full Access
Question # 22

Which method is used to exploit vulnerabilities, services, and applications?

A.

encryption

B.

port scanning

C.

DNS tunneling

D.

port evasion

Full Access
Question # 23

What is the recommended method for collecting security logs from multiple endpoints?

A.

Leverage an EDR solution to request the logs from endpoints.

B.

Connect to the endpoints remotely and download the logs.

C.

Configure endpoints to forward logs to a SIEM.

D.

Build a script that pulls down the logs from all endpoints.

Full Access
Question # 24

Which type of Software as a Service (SaaS) application provides business benefits, is fast to deploy, requires minimal cost and is infinitely scalable?

A.

Benign

B.

Tolerated

C.

Sanctioned

D.

Secure

Full Access
Question # 25

In an IDS/IPS, which type of alarm occurs when legitimate traffic is improperly identified as malicious traffic?

A.

False-positive

B.

True-negative

C.

False-negative

D.

True-positive

Full Access
Question # 26

Which Palo Alto subscription service identifies unknown malware, zero-day exploits, and advanced persistent threats (APTs) through static and dynamic analysis in a scalable, virtual environment?

A.

DNS Security

B.

URL Filtering

C.

WildFire

D.

Threat Prevention

Full Access
Question # 27

What does SOAR technology use to automate and coordinate workflows?

A.

algorithms

B.

Cloud Access Security Broker

C.

Security Incident and Event Management

D.

playbooks

Full Access
Question # 28

Which statement is true about advanced persistent threats?

A.

They use script kiddies to carry out their attacks.

B.

They have the skills and resources to launch additional attacks.

C.

They lack the financial resources to fund their activities.

D.

They typically attack only once.

Full Access
Question # 29

Which analysis detonates previously unknown submissions in a custom-built, evasion-resistant virtual environment to determine real-world effects and behavior?

A.

Dynamic

B.

Pre-exploit protection

C.

Bare-metal

D.

Static

Full Access
Question # 30

Which option is an example of a North-South traffic flow?

A.

Lateral movement within a cloud or data center

B.

An internal three-tier application

C.

Client-server interactions that cross the edge perimeter

D.

Traffic between an internal server and internal user

Full Access
Question # 31

Which type of malware replicates itself to spread rapidly through a computer network?

A.

ransomware

B.

Trojan horse

C.

virus

D.

worm

Full Access
Question # 32

During the OSI layer 3 step of the encapsulation process, what is the Protocol Data Unit (PDU) called when the IP stack adds source (sender) and destination (receiver) IP addresses?

A.

Frame

B.

Segment

C.

Packet

D.

Data

Full Access
Question # 33

What type of address translation does a NAT perform?

A.

Private to public

B.

Logical to physical

C.

Physical Io logical

D.

Public to private

Full Access
Question # 34

Match the DNS record type to its function within DNS.

Full Access
Question # 35

SecOps consists of interfaces, visibility, technology, and which other three elements? (Choose three.)

A.

People

B.

Accessibility

C.

Processes

D.

Understanding

E.

Business

Full Access
Question # 36

What should a security operations engineer do if they are presented with an encoded string during an incident investigation?

A.

Save it to a new file and run it in a sandbox.

B.

Run it against VirusTotal.

C.

Append it to the investigation notes but do not alter it.

D.

Decode the string and continue the investigation.

Full Access
Question # 37

On which security principle does virtualization have positive effects?

A.

integrity

B.

confidentiality

C.

availability

D.

non-repudiation

Full Access
Question # 38

Which IoT connectivity technology is provided by satellites?

A.

4G/LTE

B.

VLF

C.

L-band

D.

2G/2.5G

Full Access
Question # 39

Which of the following is a Routed Protocol?

A.

Routing Information Protocol (RIP)

B.

Transmission Control Protocol (TCP)

C.

Internet Protocol (IP)

D.

Domain Name Service (DNS)

Full Access
Question # 40

Which internet of things (loT) connectivity technology operates on the 2.4GHz and 5GHz bands, as well as all bands between 1 and 6GHz when they become available for 802.11 use. at ranges up to 11 Gbit/s?

A.

3G

B.

Z-wave

C.

802.11ax

D.

C-band

Full Access
Question # 41

In which situation would a dynamic routing protocol be the quickest way to configure routes on a router?

A.

the network is large

B.

the network is small

C.

the network has low bandwidth requirements

D.

the network needs backup routes

Full Access
Question # 42

What does SIEM stand for?

A.

Security Infosec and Event Management

B.

Security Information and Event Management

C.

Standard Installation and Event Media

D.

Secure Infrastructure and Event Monitoring

Full Access
Question # 43

Which option is a Prisma Access security service?

A.

Compute Security

B.

Firewall as a Service (FWaaS)

C.

Virtual Private Networks (VPNs)

D.

Software-defined wide-area networks (SD-WANs)

Full Access
Question # 44

Which feature of the VM-Series firewalls allows them to fully integrate into the DevOps workflows and CI/CD pipelines without slowing the pace of business?

A.

Elastic scalability

B.

5G

C.

External dynamic lists

D.

Log export

Full Access
Question # 45

Anthem server breaches disclosed Personally Identifiable Information (PII) from a number of its servers. The infiltration by hackers was attributed to which type of vulnerability?

A.

an intranet-accessed contractor’s system that was compromised

B.

exploitation of an unpatched security vulnerability

C.

access by using a third-party vendor’s password

D.

a phishing scheme that captured a database administrator’s password

Full Access
Question # 46

Based on how much is managed by the vendor, where can CaaS be situated in the spread of cloud computing services?

A.

between PaaS and FaaS

B.

between IaaS and PaaS

C.

between On-Prem and IaaS

D.

between FaaS and Serverless

Full Access
Question # 47

In the attached network diagram, which device is the switch?

A.

A

B.

B

C.

C

D.

D

Full Access