Which endpoint product from Palo Alto Networks can help with SOC visibility?

A. STIX

B. Cortex XDR

C. WildFire

D. AutoFocus

Under which category does an application that is approved by the IT department, such as Office 365, fall?

A. unsanctioned

B. prohibited

C. tolerated

D. sanctioned

Which option is an example of a North-South traffic flow?

A. Lateral movement within a cloud or data center

B. An internal three-tier application

C. Client-server interactions that cross the edge perimeter

D. Traffic between an internal server and internal user

Which type of malware takes advantage of a vulnerability on an endpoint or server?

A. technique

B. patch

C. vulnerability

D. exploit

What does SOAR technology use to automate and coordinate workflows?

A. algorithms

B. Cloud Access Security Broker

C. Security Incident and Event Management

D. playbooks

DRAG DROP -
Match the IoT connectivity description with the technology.
Select and Place:
 

DRAG DROP
-
Match each tunneling protocol to its definition.
 

Which model would a customer choose if they want full control over the operating system(s) running on their cloud computing platform?

A. SaaS

B. DaaS

C. PaaS

D. IaaS

Which security component should you configure to block viruses not seen and blocked by the perimeter firewall?

A. endpoint antivirus software

B. strong endpoint passwords

C. endpoint disk encryption

D. endpoint NIC ACLs

Which technique changes protocols at random during a session?

A. use of non-standard ports

B. port hopping

C. hiding within SSL encryption

D. tunneling within commonly used services

Which Palo Alto Networks subscription service complements App-ID by enabling you to configure the next-generation firewall to identify and control access to websites and to protect your organization from websites hosting malware and phishing pages?

A. Threat Prevention

B. DNS Security

C. WildFire

D. URL Filtering

In the Transport layer of the OSI model, what is a protocol data unit (PDU) called?

A. Frame

B. Packet

C. Datagram

D. Bit

Which network device breaks networks into separate broadcast domains?

A. Hub

B. Layer 2 switch

C. Router

D. Wireless access point

Which characteristic of serverless computing enables developers to quickly deploy application code?

A. Uploading cloud service autoscaling services to deploy more virtual machines to run their application code based on user demand

B. Uploading the application code itself, without having to provision a full container image or any OS virtual machine components

C. Using cloud service spot pricing to reduce the cost of using virtual machines to run their application code

D. Using Container as a Service (CaaS) to deploy application containers to run their code.

What is the function of SOAR?

A. It records, monitors, correlates, and analyzes the security events in an IT environment in real time.

B. It helps with the coordination, execution, and automation of tasks between people and tools for faster response to cybersecurity attacks.

C. It collects, integrates, and normalizes your security data to simplify your security operations.

D. It provides prevention, detection, response, and investigation of attacks and threats by gathering and integrating all security data.

DRAG DROP -
Given the graphic, match each stage of the cyber-attack lifecycle to its description.
 
Select and Place:
 

Which option is a Prisma Access security service?

A. Compute Security

B. Firewall as a Service (FWaaS)

C. Virtual Private Networks (VPNs)

D. Software-defined wide-area networks (SD-WANs)

What are two key characteristics of a Type 1 hypervisor? (Choose two.)

A. is hardened against cyber attacks

B. runs without any vulnerability issues

C. runs within an operating system

D. allows multiple, virtual (or guest) operating systems to run concurrently on a single physical host computer

What does SIEM stand for?

A. Security Infosec and Event Management

B. Security Information and Event Management

C. Standard Installation and Event Media

D. Secure Infrastructure and Event Monitoring

Which type of SaaS application offers no business benefits and creates risk for an organization?

A. Tolerated

B. Sanctioned

C. Unsanctioned

D. Prohibited

Which NGFW feature is used to provide continuous identification, categorization, and control of known and previously unknown SaaS applications?

A. User-ID

B. Device-ID

C. App-ID

D. Content-ID

You received an email, allegedly from a bank, that asks you to click a malicious link to take action on your account.
Which type of attack is this?

A. Whaling

B. Spamming

C. Spear phishing

D. Phishing

Which of the following is an AWS serverless service?

A. Beta

B. Kappa

C. Delta

D. Lambda

What is the primary security focus after consolidating data center hypervisor hosts within trust levels?

A. control and protect inter-host traffic using routers configured to use the Border Gateway Protocol (BGP) dynamic routing protocol

B. control and protect inter-host traffic by exporting all your traffic logs to a sysvol log server using the User Datagram Protocol (UDP)

C. control and protect inter-host traffic by using IPv4 addressing

D. control and protect inter-host traffic using physical network security appliances

What is the key to `taking down` a botnet?

A. prevent bots from communicating with the C2

B. install openvas software on endpoints

C. use LDAP as a directory service

D. block Docker engine software on endpoints

DRAG DROP -
Match the Palo Alto Networks WildFire analysis verdict with its definition.
Select and Place:
 

Which element of the security operations process is concerned with using external functions to help achieve goals?

A. interfaces

B. business

C. technology

D. people

What is a key advantage and key risk in using a public cloud environment?

A. Multi-tenancy

B. Dedicated Networks

C. Dedicated Hosts

D. Multiplexing

Which of the following is a service that allows you to control permissions assigned to users in order for them to access and utilize cloud resources?

A. User-ID

B. Lightweight Directory Access Protocol (LDAP)

C. User and Entity Behavior Analytics (UEBA)

D. Identity and Access Management (IAM)

For which three platforms does the SASE solution provide consistent security services and access? (Choose three.)

A. On-site

B. Software as a service (SaaS)

C. Private cloud

D. Public cloud

E. On-premises

Which network firewall operates up to Layer 4 (Transport layer) of the OSI model and maintains information about the communication sessions which have been established between hosts on trusted and untrusted networks?

A. Group policy

B. Stateless

C. Stateful

D. Static packet-filter

During the OSI layer 3 step of the encapsulation process, what is the Protocol Data Unit (PDU) called when the IP stack adds source (sender) and destination
(receiver) IP addresses?

A. Frame

B. Segment

C. Packet

D. Data

A native hypervisor runs:

A. with extreme demands on network throughput

B. only on certain platforms

C. within an operating system’s environment

D. directly on the host computer’s hardware

What is a key method used to secure sensitive data in Software-as-a-Service (SaaS) applications?

A. Allow downloads to managed devices but block them from unmanaged devices.

B. Allow downloads to both managed and unmanaged devices.

C. Leave data security in the hands of the cloud service provider.

D. Allow users to choose their own applications to access data.

Which TCP/IP sub-protocol operates at the Layer7 of the OSI model?

A. UDP

B. MAC

C. SNMP

D. NFS

From which resource does Palo Alto Networks AutoFocus correlate and gain URL filtering intelligence?

A. Unit 52

B. PAN-DB

C. BrightCloud

D. MineMeld

Which tool supercharges security operations center (SOC) efficiency with the world's most comprehensive operating platform for enterprise security?

A. Prisma SAAS

B. WildFire

C. Cortex XDR

D. Cortex XSOAR

Which Palo Alto Networks subscription dynamically discovers and maintains a real-time inventory of devices on your network?

A. DNS Security

B. Threat Prevention

C. IoT Security

D. Wildfire

What is the primary purpose of a case management system?

A. To consolidate alerts into a single queue for streamlined incident handling

B. To incorporate an additional layer in the escalation procedure

C. To be a centralized tool pointing to other, separate alerting systems

D. To minimize the number of duplicate alerts

Which network is using a subnet mask of 255.255.255.192?

A. 192.10.100.0/26

B. 172.16.72.0/29

C. 172.168.5.0/27

D. 192.168.100.0/24

Which type of Wi-Fi attack depends on the victim initiating the connection?

A. Evil twin

B. Jasager

C. Parager

D. Mirai

Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) fall under which Prisma access service layer?

A. Network

B. Management

C. Cloud

D. Security

How can local systems eliminate vulnerabilities?

A. Patch systems and software effectively and continuously.

B. Create preventative memory-corruption techniques.

C. Perform an attack on local systems.

D. Test and deploy patches on a focused set of systems.

DRAG DROP -
Match the description with the VPN technology.
Select and Place:
 

Which three layers of the OSI model correspond to the Application Layer (L4) of the TCP/IP model?

A. Session, Transport, Network

B. Application, Presentation, and Session

C. Physical, Data Link, Network

D. Data Link, Session, Transport

A doctor receives an email about her upcoming holiday in France. When she clicks the URL website link in the email, the connection is blocked by her office firewall because it's a known malware website. Which type of attack includes a link to a malware website in an email?

A. whaling

B. phishing

C. pharming

D. spam

Web 2.0 applications provide which type of service?

A. SaaS

B. FWaaS

C. IaaS

D. PaaS

You have been invited to a public cloud design and architecture session to help deliver secure east west flows and secure Kubernetes workloads.
What deployment options do you have available? (Choose two.)

A. PA-Series

B. VM-Series

C. Panorama

D. CN-Series

Layer 4 of the TCP/IP Model corresponds to which three Layer(s) of the OSI Model? (Choose three.)

A. Transport

B. Presentation

C. Session

D. Application

E. Network

SecOps consists of interfaces, visibility, technology, and which other three elements? (Choose three.)

A. People

B. Accessibility

C. Processes

D. Understanding

E. Business