What is the primary security focus after consolidating data center hypervisor hosts within trust levels?

A. control and protect inter-host traffic using routers configured to use the Border Gateway Protocol (BGP) dynamic routing protocol

B. control and protect inter-host traffic by exporting all your traffic logs to a sysvol log server using the User Datagram Protocol (UDP)

C. control and protect inter-host traffic by using IPv4 addressing

D. control and protect inter-host traffic using physical network security appliances

Which option is an example of a North-South traffic flow?

A. Lateral movement within a cloud or data center

B. An internal three-tier application

C. Client-server interactions that cross the edge perimeter

D. Traffic between an internal server and internal user

DRAG DROP -
Match the description with the VPN technology.
Select and Place:
 

Web 2.0 applications provide which type of service?

A. SaaS

B. FWaaS

C. IaaS

D. PaaS

Which endpoint tool or agent can enact behavior-based protection?

A. AutoFocus

B. Cortex XDR

C. DNS Security

D. MineMeld

What is the key to `taking down` a botnet?

A. prevent bots from communicating with the C2

B. install openvas software on endpoints

C. use LDAP as a directory service

D. block Docker engine software on endpoints

Which characteristic of serverless computing enables developers to quickly deploy application code?

A. Uploading cloud service autoscaling services to deploy more virtual machines to run their application code based on user demand

B. Uploading the application code itself, without having to provision a full container image or any OS virtual machine components

C. Using cloud service spot pricing to reduce the cost of using virtual machines to run their application code

D. Using Container as a Service (CaaS) to deploy application containers to run their code.

In which phase of the cyberattack lifecycle do attackers establish encrypted communication channels back to servers across the internet so that they can modify their attack objectives and methods?

A. exploitation

B. actions on the objective

C. command and control

D. installation

In SecOps, what are two of the components included in the identify stage? (Choose two.)

A. Initial Research

B. Change Control

C. Content Engineering

D. Breach Response

Which TCP/IP sub-protocol operates at Layer4 of the OSI model?

A. HTTPS

B. FTP

C. UDP

D. SSH

Which endpoint product from Palo Alto Networks can help with SOC visibility?

A. STIX

B. Cortex XDR

C. WildFire

D. AutoFocus

Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) fall under which Prisma access service layer?

A. Network

B. Management

C. Cloud

D. Security

Which technique changes protocols at random during a session?

A. use of non-standard ports

B. port hopping

C. hiding within SSL encryption

D. tunneling within commonly used services

What does SIEM stand for?

A. Security Infosec and Event Management

B. Security Information and Event Management

C. Standard Installation and Event Media

D. Secure Infrastructure and Event Monitoring

In the Transport layer of the OSI model, what is a protocol data unit (PDU) called?

A. Frame

B. Packet

C. Datagram

D. Bit

Which pillar of Prisma Cloud application security addresses ensuring that your cloud resources and SaaS applications are correctly configured?

A. visibility, governance, and compliance

B. network protection

C. dynamic computing

D. compute security

Which option is a Prisma Access security service?

A. Compute Security

B. Firewall as a Service (FWaaS)

C. Virtual Private Networks (VPNs)

D. Software-defined wide-area networks (SD-WANs)

Which of the following is a service that allows you to control permissions assigned to users in order for them to access and utilize cloud resources?

A. User-ID

B. Lightweight Directory Access Protocol (LDAP)

C. User and Entity Behavior Analytics (UEBA)

D. Identity and Access Management (IAM)

What differentiates knowledge-based systems from behavior-based systems?

A. Behavior-based systems find the data that knowledge-based systems store.

B. Knowledge-based systems pull from a previously stored database that distinguishes “bad”.

C. Knowledge-based systems try to find new, distinct traits to find “bad” things.

D. Behavior-based systems pull from a previously stored database that distinguishes “bad”.

Before incorporating the DevSecOps process, when was security applied in the software-development lifecycle?

A. In every step of the lifecycle

B. Right in the middle

C. Right at the end, after the development ended

D. Right at the beginning, before the development started

In which two cloud computing service models are the vendors responsible for vulnerability and patch management of the underlying operating system? (Choose two.)

A. SaaS

B. PaaS

C. On-premises

D. IaaS

Which statement describes DevOps?

A. DevOps is its own separate team

B. DevOps is a set of tools that assists the Development and Operations teams throughout the software delivery process

C. DevOps is a combination of the Development and Operations teams

D. DevOps is a culture that unites the Development and Operations teams throughout the software delivery process

Which Palo Alto Networks subscription dynamically discovers and maintains a real-time inventory of devices on your network?

A. DNS Security

B. Threat Prevention

C. IoT Security

D. Wildfire

Which core component is used to implement a Zero Trust architecture?

A. VPN Concentrator

B. Content Identification

C. Segmentation Platform

D. Web Application Zone

For which three platforms does the SASE solution provide consistent security services and access? (Choose three.)

A. On-site

B. Software as a service (SaaS)

C. Private cloud

D. Public cloud

E. On-premises

Which NGFW feature is used to provide continuous identification, categorization, and control of known and previously unknown SaaS applications?

A. User-ID

B. Device-ID

C. App-ID

D. Content-ID

How does DevSecOps improve the Continuous Integration/Continuous Deployment (CI/CD) pipeline?

A. DevSecOps improves pipeline security by assigning the security team as the lead team for continuous deployment

B. DevSecOps ensures the pipeline has horizontal intersections for application code deployment

C. DevSecOps unites the Security team with the Development and Operations teams to integrate security into the CI/CD pipeline

D. DevSecOps does security checking after the application code has been processed through the CI/CD pipeline

Which term describes data packets that move in and out of the virtualized environment from the host network or a corresponding traditional data center?

A. North-South traffic

B. Intrazone traffic

C. East-West traffic

D. Interzone traffic

SecOps consists of interfaces, visibility, technology, and which other three elements? (Choose three.)

A. People

B. Accessibility

C. Processes

D. Understanding

E. Business

Which activities do local organization security policies cover for a SaaS application?

A. how the data is backed up in one or more locations

B. how the application can be used

C. how the application processes the data

D. how the application can transit the Internet

Which analysis detonates previously unknown submissions in a custom-built, evasion-resistant virtual environment to determine real-world effects and behavior?

A. Dynamic

B. Pre-exploit protection

C. Bare-metal

D. Static

Which three terms are functions of security operations? (Choose three.)

A. Segment

B. Identify

C. Mitigate

D. Investigate

E. Report

On an endpoint, which method is used to protect proprietary data stored on a laptop that has been stolen?

A. operating system patches

B. full-disk encryption

C. periodic data backups

D. endpoint-based firewall

What is an example of a Web 3.0 application?

A. Github

B. Bitcoin

C. Pinterest

D. Facebook

Which core NGFW subscription service defends networks from advanced persistent threats (APTs)?

A. WildFire

B. DNS Security

C. Threat Prevention

D. URL Filtering

You have been invited to a public cloud design and architecture session to help deliver secure east west flows and secure Kubernetes workloads.
What deployment options do you have available? (Choose two.)

A. PA-Series

B. VM-Series

C. Panorama

D. CN-Series

During the OSI layer 3 step of the encapsulation process, what is the Protocol Data Unit (PDU) called when the IP stack adds source (sender) and destination
(receiver) IP addresses?

A. Frame

B. Segment

C. Packet

D. Data

Which two statements are true about servers in a demilitarized zone (DMZ)? (Choose two.)

A. They can be accessed by traffic from the internet.

B. They are located in the internal network.

C. They can expose servers in the internal network to attacks.

D. They are isolated from the internal network.

A native hypervisor runs:

A. with extreme demands on network throughput

B. only on certain platforms

C. within an operating system’s environment

D. directly on the host computer’s hardware

DRAG DROP
-
Match each tunneling protocol to its definition.
 

What type of DNS record maps an IPV6 address to a domain or subdomain to another hostname?

A. SOA

B. NS

C. AAAA

D. MX

Which type of Software as a Service (SaaS) application provides business benefits, is fast to deploy, requires minimal cost and is infinitely scalable?

A. Benign

B. Tolerated

C. Sanctioned

D. Secure

In a traditional data center what is one result of sequential traffic analysis?

A. simplifies security policy management

B. reduces network latency

C. causes security policies to be complex

D. improves security policy application ID enforcement

DRAG DROP -
Match the Palo Alto Networks WildFire analysis verdict with its definition.
Select and Place:
 

Which of the following is an AWS serverless service?

A. Beta

B. Kappa

C. Delta

D. Lambda

What are two key characteristics of a Type 1 hypervisor? (Choose two.)

A. is hardened against cyber attacks

B. runs without any vulnerability issues

C. runs within an operating system

D. allows multiple, virtual (or guest) operating systems to run concurrently on a single physical host computer

What is the primary purpose of a case management system?

A. To consolidate alerts into a single queue for streamlined incident handling

B. To incorporate an additional layer in the escalation procedure

C. To be a centralized tool pointing to other, separate alerting systems

D. To minimize the number of duplicate alerts

Which IPsec feature allows device traffic to go directly to the Internet?

A. Split tunneling

B. Diffie-Hellman groups

C. d.Authentication Header (AH)

D. IKE Security Association

Which network device breaks networks into separate broadcast domains?

A. Hub

B. Layer 2 switch

C. Router

D. Wireless access point

What does Palo Alto Networks Cortex XDR do first when an endpoint is asked to run an executable?

A. run a static analysis

B. check its execution policy

C. send the executable to WildFire

D. run a dynamic analysis