What is a common characteristic of serverless and containers?

A. run for prolonged period of time

B. run on specific hosting platforms

C. automate and dynamically scale workloads

D. open source

From which resource does Palo Alto Networks AutoFocus correlate and gain URL filtering intelligence?

A. Unit 52

B. PAN-DB

C. BrightCloud

D. MineMeld

Which Palo Alto Networks subscription dynamically discovers and maintains a real-time inventory of devices on your network?

A. DNS Security

B. Threat Prevention

C. IoT Security

D. Wildfire

Which security component should you configure to block viruses not seen and blocked by the perimeter firewall?

A. endpoint antivirus software

B. strong endpoint passwords

C. endpoint disk encryption

D. endpoint NIC ACLs

What are two key characteristics of a Type 1 hypervisor? (Choose two.)

A. is hardened against cyber attacks

B. runs without any vulnerability issues

C. runs within an operating system

D. allows multiple, virtual (or guest) operating systems to run concurrently on a single physical host computer

On an endpoint, which method is used to protect proprietary data stored on a laptop that has been stolen?

A. operating system patches

B. full-disk encryption

C. periodic data backups

D. endpoint-based firewall

SecOps consists of interfaces, visibility, technology, and which other three elements? (Choose three.)

A. People

B. Accessibility

C. Processes

D. Understanding

E. Business

What differentiates Docker from a bare metal hypervisor?

A. Docker lets the user boot up one or more instances of an operating system on the same host whereas hypervisors do not

B. Docker uses more resources than a bare metal hypervisor

C. Docker is more efficient at allocating resources for legacy systems

D. Docker uses OS-level virtualization, whereas a bare metal hypervisor runs independently from the OS

Systems that allow for accelerated incident response through the execution of standardized and automated playbooks that work upon inputs from security technology and other data flows are known as what?

A. XDR

B. STEP

C. SOAR

D. SIEM

How can local systems eliminate vulnerabilities?

A. Patch systems and software effectively and continuously.

B. Create preventative memory-corruption techniques.

C. Perform an attack on local systems.

D. Test and deploy patches on a focused set of systems.

Which activities do local organization security policies cover for a SaaS application?

A. how the data is backed up in one or more locations

B. how the application can be used

C. how the application processes the data

D. how the application can transit the Internet

Which network firewall operates up to Layer 4 (Transport layer) of the OSI model and maintains information about the communication sessions which have been established between hosts on trusted and untrusted networks?

A. Group policy

B. Stateless

C. Stateful

D. Static packet-filter

Which Palo Alto Networks tools enable a proactive, prevention-based approach to network automation that accelerates security analysis?

A. MineMeld

B. AutoFocus

C. WildFire

D. Cortex XDR

Which two network resources does a directory service database contain? (Choose two.)

A. Services

B. /etc/shadow files

C. Users

D. Terminal shell types on endpoints

Which IoT connectivity technology is provided by satellites?

A. 4G/LTE

B. VLF

C. L-band

D. 2G/2.5G

Which pillar of Prisma Cloud application security does vulnerability management fall under?

A. dynamic computing

B. identity security

C. compute security

D. network protection

Which type of LAN technology is being displayed in the diagram?
 

A. Star Topology

B. Spine Leaf Topology

C. Mesh Topology

D. Bus Topology

Routing Information Protocol (RIP), uses what metric to determine how network traffic should flow?

A. Shortest Path

B. Hop Count

C. Split Horizon

D. Path Vector

When signature-based antivirus software detects malware, what three things does it do to provide protection? (Choose three.)

A. decrypt the infected file using base64

B. alert system administrators

C. quarantine the infected file

D. delete the infected file

E. remove the infected file’s extension

A native hypervisor runs:

A. with extreme demands on network throughput

B. only on certain platforms

C. within an operating system’s environment

D. directly on the host computer’s hardware

On an endpoint, which method should you use to secure applications against exploits?

A. endpoint-based firewall

B. strong user passwords

C. full-disk encryption

D. software patches

Which pillar of Prisma Cloud application security addresses ensuring that your cloud resources and SaaS applications are correctly configured?

A. visibility, governance, and compliance

B. network protection

C. dynamic computing

D. compute security

What is the primary purpose of a case management system?

A. To consolidate alerts into a single queue for streamlined incident handling

B. To incorporate an additional layer in the escalation procedure

C. To be a centralized tool pointing to other, separate alerting systems

D. To minimize the number of duplicate alerts

What differentiates knowledge-based systems from behavior-based systems?

A. Behavior-based systems find the data that knowledge-based systems store.

B. Knowledge-based systems pull from a previously stored database that distinguishes “bad”.

C. Knowledge-based systems try to find new, distinct traits to find “bad” things.

D. Behavior-based systems pull from a previously stored database that distinguishes “bad”.

Which statement describes DevOps?

A. DevOps is its own separate team

B. DevOps is a set of tools that assists the Development and Operations teams throughout the software delivery process

C. DevOps is a combination of the Development and Operations teams

D. DevOps is a culture that unites the Development and Operations teams throughout the software delivery process

You have been invited to a public cloud design and architecture session to help deliver secure east west flows and secure Kubernetes workloads.
What deployment options do you have available? (Choose two.)

A. PA-Series

B. VM-Series

C. Panorama

D. CN-Series

Anthem server breaches disclosed Personally Identifiable Information (PII) from a number of its servers. The infiltration by hackers was attributed to which type of vulnerability?

A. an intranet-accessed contractor’s system that was compromised

B. exploitation of an unpatched security vulnerability

C. access by using a third-party vendor’s password

D. a phishing scheme that captured a database administrator’s password

How does adopting a serverless model impact application development?

A. costs more to develop application code because it uses more compute resources

B. slows down the deployment of application code, but it improves the quality of code development

C. reduces the operational overhead necessary to deploy application code

D. prevents developers from focusing on just the application code because you need to provision the underlying infrastructure to run the code

Which Palo Alto Networks product provides playbooks with 300+ multivendor integrations that help solve any security use case?

A. Cortex XSOAR

B. Prisma Cloud

C. AutoFocus

D. Cortex XDR

Layer 4 of the TCP/IP Model corresponds to which three Layer(s) of the OSI Model? (Choose three.)

A. Transport

B. Presentation

C. Session

D. Application

E. Network

Which endpoint tool or agent can enact behavior-based protection?

A. AutoFocus

B. Cortex XDR

C. DNS Security

D. MineMeld

What does Palo Alto Networks Cortex XDR do first when an endpoint is asked to run an executable?

A. run a static analysis

B. check its execution policy

C. send the executable to WildFire

D. run a dynamic analysis

Which characteristic of serverless computing enables developers to quickly deploy application code?

A. Uploading cloud service autoscaling services to deploy more virtual machines to run their application code based on user demand

B. Uploading the application code itself, without having to provision a full container image or any OS virtual machine components

C. Using cloud service spot pricing to reduce the cost of using virtual machines to run their application code

D. Using Container as a Service (CaaS) to deploy application containers to run their code.

What is required for a SIEM to operate correctly to ensure a translated flow from the system of interest to the SIEM data lake?

A. connectors and interfaces

B. infrastructure and containers

C. containers and developers

D. data center and UPS

Which TCP/IP sub-protocol operates at Layer4 of the OSI model?

A. HTTPS

B. FTP

C. UDP

D. SSH

Which Palo Alto subscription service identifies unknown malware, zero-day exploits, and advanced persistent threats (APTs) through static and dynamic analysis in a scalable, virtual environment?

A. DNS Security

B. URL Filtering

C. WildFire

D. Threat Prevention

What is one of the elements of SecOps?

A. Zero Trust model

B. Interfaces

C. Infrastructure

D. Finances

Which analysis detonates previously unknown submissions in a custom-built, evasion-resistant virtual environment to determine real-world effects and behavior?

A. Dynamic

B. Pre-exploit protection

C. Bare-metal

D. Static

What should a security operations engineer do if they are presented with an encoded string during an incident investigation?

A. Save it to a new file and run it in a sandbox.

B. Run it against VirusTotal.

C. Append it to the investigation notes but do not alter it.

D. Decode the string and continue the investigation.

DRAG DROP -
Match each description to a Security Operating Platform key capability.
Select and Place:
 

Which TCP/IP sub-protocol operates at the Layer7 of the OSI model?

A. UDP

B. MAC

C. SNMP

D. NFS

Which type of firewall configuration should be deployed to protect north-south traffic?

A. High-throughput appliance deployed as stand-alone

B. Virtualized firewall deployed in stand-alone

C. High-throughput appliance deployed in high availability

D. Virtualized firewall deployed in high availability

Which three services are part of Prisma SaaS? (Choose three.)

A. Data Loss Prevention

B. DevOps

C. Denial of Service

D. Data Exposure Control

E. Threat Prevention

Under which category does an application that is approved by the IT department, such as Office 365, fall?

A. unsanctioned

B. prohibited

C. tolerated

D. sanctioned

Which Palo Alto Networks subscription service complements App-ID by enabling you to configure the next-generation firewall to identify and control access to websites and to protect your organization from websites hosting malware and phishing pages?

A. Threat Prevention

B. DNS Security

C. WildFire

D. URL Filtering

Which option is a Prisma Access security service?

A. Compute Security

B. Firewall as a Service (FWaaS)

C. Virtual Private Networks (VPNs)

D. Software-defined wide-area networks (SD-WANs)

DRAG DROP -
Order the OSI model with Layer7 at the top and Layer1 at the bottom.
Select and Place:
 

DRAG DROP
-
Match the level of security required in the Shared Security Model by customer with the cloud services used.
 

What protocol requires all routers in the same domain to maintain a map of the network?

A. EIGRP

B. Static

C. RIP

D. OSPF

What is the key to `taking down` a botnet?

A. prevent bots from communicating with the C2

B. install openvas software on endpoints

C. use LDAP as a directory service

D. block Docker engine software on endpoints