



















This document covers a wide range of networking and cybersecurity topics, including routing protocols, IP addressing, the OSI model, transport layer protocols, firewall concepts, virtualization security, VPN technologies, application identification, malware and botnet attacks, cloud security models, and Palo Alto Networks security products and services. Multiple-choice questions test the reader's understanding of these concepts. The depth and breadth of the topics covered make this document a valuable resource for students and professionals interested in networking, cybersecurity, and Palo Alto Networks technologies.
Typology: Exams




















In which cloud computing service model does a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure?
A. Platform as a Service (PaaS)
B. Infrastructure as a Service (IaaS)
C. Software as a Service (SaaS)
D. Public Cloud
Correct Answer-C

Business intelligence (BI) software consists of tools and techniques used to surface large amounts of raw unstructured data to perform a variety of tasks including data mining, event processing, and predictive analytics. (True or False)
Correct Answer-T

The process in which end users find personal technology and apps that are more powerful or capable, more convenient, less expensive, quicker to install, and easier to use than enterprise IT solutions is known as consumerization. (True or False)
Correct Answer-T

An organization can be compliant with all applicable security and privacy regulations for its industry, yet still not be secure. (True or False)
Correct Answer-T

The U.S. law that establishes national standards to protect individuals' medical records and other health information is known as _______.
Correct Answer-HIPAA

Most cyberattacks today are perpetrated by internal threat actors such as malicious employees engaging in corporate espionage. (True or False)
Correct Answer-F

The Cyber-Attack Lifecycle is a five-step process that an attacker goes through to attack a network. (True or False)
Correct Answer-F

List the steps of the Cyber-Attack Lifecycle.
Correct Answer-Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives

An attacker needs to succeed in executing only one step of the Cyber-Attack Lifecycle to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack. (True or False)
Correct Answer-F

Which technique is not used to break the command-and-control (C&C) phase of the Cyber-Attack Lifecycle?
A. Blocking outbound traffic to known malicious sites and IP addresses
B. DNS sinkholing and DNS poisoning
C. Vulnerability and patch management
D. All of the above
Correct Answer-C

The key to breaking the Cyber-Attack Lifecycle during the Installation phase is to implement network segmentation, a Zero Trust model, and granular control of applications to limit or restrict an attacker's lateral movement within the network. (True or False)
Correct Answer-T

Network firewalls cannot completely protect hosts from zero-day exploits. (True or False)
Correct Answer-T

A _________________ is a mathematical function that creates a unique representation of a larger set of data in a manner that is easy to compute in one direction, but not in the reverse direction.
Correct Answer-hash

A _________________ sends data packets to destination networks along a network path using logical addresses.
Correct Answer-router

Which option is an example of a static routing protocol?
A. Open Shortest Path First (OSPF)
B. Border Gateway Protocol (BGP)
C. Routing Information Protocol (RIP)
D. Split horizon
Correct Answer-C

Which three options are dynamic routing protocols? (Choose three.)
A. Distance-vector
B. Path-vector
C. Link-state
D. Point-to-point
Correct Answer-ABC

The internet is an example of a wide-area network (WAN). (True or False)
Correct Answer-T

_________________ is a distributed, hierarchical internet database that maps FQDNs to IP addresses.
Correct Answer-DNS

Which option is an example of a logical address?
A. IP address
B. Hardware address
C. MAC address
D. Burned-in address
Correct Answer-A

An IPv4 address consists of four ______-bit octets.
Correct Answer-

_________________ is a technique used to divide a large network into smaller, multiple subnetworks by segmenting an IPv4 address into a network and host portion.
Correct Answer-Subnetting

The OSI model consists of how many layers?
A. Four
B. Six
C. Seven
D. Nine
Correct Answer-C

Which two protocols function at the Transport layer of the OSI model?
A. Transmission Control Protocol (TCP)
B. Internet Protocol (IP)
C. User Datagram Protocol (UDP)
D. Hypertext Transfer Protocol (HTTP)
Correct Answer-AC

The Data Link layer of the OSI model is further divided into these two sublayers: _____ and _____.
Correct Answer-LLC and MAC

Which four layers comprise the TCP/IP model? (Choose four.)

c) selectively virtualizing network security functions
d) implementing a dynamic computing fabric
Correct Answer-B

A dynamic packet filtering firewall inspects each individual packet during a session to determine if the traffic should be allowed, blocked, or dropped by the firewall. (True or False)
Correct Answer-F

What are three characteristics of application firewalls? (Choose three.)
a) proxies traffic rather than permitting direct communication between hosts
b) can be used to implement strong user authentication
c) masks the internal network from untrusted networks
d) is extremely fast and has no impact on network performance
Correct Answer-ABC

Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network?
a) point-to-point tunneling protocol (PPTP)
b) secure socket tunneling protocol (SSTP)
c) Secure Sockets Layer (SSL)
d) Internet Protocol Security (IPsec)
Correct Answer-C

Which is NOT a characteristic of Unified Threat Management (UTM)?
a) It combines security functions such as firewalls, intrusion detection systems (IDS), anti-malware, and data loss prevention (DLP) in a single appliance.
b) enabling all of the security functions in a UTM device can have a significant performance impact.
c) It fully integrates all the security functions installed on the device.
d) It can be a convenient solution for small networks.
Correct Answer-C

Signature-based anti-malware software is considered a proactive security countermeasure. (True or False)
Correct Answer-F

__________ endpoint protection wraps a protective virtual barrier around vulnerable processes while they're running.
Correct Answer-Container-based

What are three typical mobile device management software capabilities? (Choose three.)
a) data loss prevention (DLP)
b) policy enforcement
c) intrusion detection
d) malware prevention
Correct Answer-ABD

Which three cloud computing service models are defined by NIST? (Choose three.)
a) software as a service (SaaS)
b) platform as a service (PaaS)
c) desktop as a service (DaaS)
d) infrastructure as a service (IaaS)
Correct Answer-ABD

A __________ cloud infrastructure comprises two or more cloud deployment models, bound by standardized or proprietary technology that enables data and application portability.
Correct Answer-hybrid

a) network security
b) advanced endpoint protection
c) cloud security
d) application development security
Correct Answer-ABC

Which option is not a defining characteristic of a NGFW?
a) low latency packet processing with minimal throughput loss
b) adherence to strict port and protocol enforcement for allow or block decisions
c) integrated security tools
d) bidirectional full-stack analysis of packets
Correct Answer-B

What are the three core capabilities of an NGFW? (Choose three.)
a) user identification
b) splunk identification
c) application identification
d) content identification
Correct Answer-ACD

Which option is not a core technique for identifying applications in Palo Alto Networks NGFWs?
a) packet headers
b) application signatures
c) protocol decoding
d) behavioral analysis
Correct Answer-A

Panorama does not integrate with which option?
a) WildFire
b) Splunk
c) Palo Alto Networks NGFWs
d) traditional port-based firewalls
Correct Answer-D

The key to Traps is blocking core exploit and malware techniques, not the individual attacks. (True or False)
Correct Answer-T

What are the three keys to safely enabling mobile devices in the enterprise? (Choose three)
A. control the data
B. provision the device
C. manage the device
D. protect the device
Correct Answer-ACD

__________ provides continuous monitoring of public clouds and helps organizations achieve a continuous state of compliance in their public cloud workloads.
Correct Answer-Evident

Aperture is deployed as a standalone inline service between the organization's traditional perimeter-based firewalls and requires a software agent to be installed on mobile devices.
Correct Answer-F

Aperture protects data in hosted files and application entries.
Correct Answer-T

Magnifier leverages __________ to analyze network, endpoint, and cloud data, which helps security analysts rapidly confirm threats by reviewing actionable alerts.
Correct Answer-machine learning

a. complex deployment
b. convenient and economical
c. subscription service
d. internet or application-based
e. extensive manpower required
Correct Answer-BCD

Mobile devices are easy targets for attacks for which two reasons? (Choose two.)
a. They roam in unsecured areas.
b. They have poor battery-charging capabilities.
c. They stay in an always-on, always-present state.
d. They use speaker phones.
Correct Answer-AC

An organization can be fully compliant with the various cybersecurity laws and regulations that are applicable for that organization, yet still not be secure. (True or False.)
Correct Answer-T

Which path or tool is used by attackers?
a. threat vector
b. software as a service (SaaS)
c. storage-area networks (SAN)
d. anti-malware update
Correct Answer-A

Which kind of server is a master server that is designed to listen to individual compromised endpoints and respond with appropriate attack commands?
a. bot
b. web
c. command and control
d. directory services
Correct Answer-C

Another term for a "bot" is a "zombie". (True or False)
Correct Answer-T

A man-in-the-middle attack requires that the attacker successfully spoof the identities of __________
a. the network appliance
b. the internal user
c. both endpoints and users
d. the external user
Correct Answer-C

The spread of unsolicited content to targeted endpoints is known as what?
a. pharming
b. phishing
c. exploiting
d. spamming
Correct Answer-D

Which type of attack utilizes many endpoints as bots or attackers in a coordinated effort, and can be extremely effective in taking down a website or some other publicly accessible service?
a. Bluetooth
b. distributed denial-of-service
c. man-in-the-middle
d. adware
Correct Answer-B

a. application identity
b. hacker signatures
c. device identity
d. content identity
e. user identity
Correct Answer-ADE

The Zero Trust security model is primarily concerned with packet management at the network border, gateway, or perimeter, because it monitors frames that are entering and leaving the internal network and generally applies packet filtering firewall rules. (True or False)
Correct Answer-F

Which four components are part of a traditional data center? (Choose four.)
a. logging and monitoring services
b. Domain Name Services (DNS)
c. file screening and classification services
d. IP address management
e. storage-area network (SAN)
f. perimeter firewalls
Correct Answer-ACEF

The ports-first focus used by traditional data security perimeter firewalls limits their ability to see all traffic on all ports, meaning they do not effectively evaluate evasive or encrypted applications. (True or False)
Correct Answer-T

Communications that occur within the data center are commonly referred to as what?
a. hybrid
b. north-south
c. east-west
d. agile
Correct Answer-C

Which three entities have been identified for defining security responsibilities and commitments as dictated in the Shared Responsibility Model? (Choose three.)
a. federal government
b. Cloud Service Providers
c. corporate customers
d. end users
e. application developers
Correct Answer-BCD

Which four services typically are supported by the provider with the platform-as-a-service (PaaS) model? (Choose four.)
a. servers
b. operating system
c. virtualization
d. application
e. storage
f. data
Correct Answer-ABCE

Which four items typically are analyzed by a next-generation firewall? (Choose four.)
a. uniform resource locators
b. User-ID
c. Content-ID
d. server performance

Which three tasks are performed by signature-based anti-malware? (Choose three.)
a. quarantines infected files
b. prevents against zero-day attacks
c. deletes infected files
d. downloads signature file updates from the vendor site
e. prevents spam
Correct Answer-ACD

Signature-based anti-malware detection is a static process that compares file contents against a database of known malware bits and bytes. Anomaly or behavioral heuristics anti-malware detection is a dynamic process that uses learning processes to determine acceptable practices. (True or False)
Correct Answer-T

Containers that are built according to which design are built with an image manifest that describes all of the metadata and container properties?
a. whitelist
b. positive control model
c. Application Awareness
d. open container initiative
Correct Answer-D

What challenges attackers to overcome security barriers at the perimeter, on the local network, and on the endpoint itself?
a. defense-in-depth
b. packet filtering
c. anomaly detection
d. application management
Correct Answer-A

Mobile device management can be utilized to apply security policies that support malware protection and data loss prevention classifications after what happens to a mobile device?
a. It is placed in a virtual container.
b. It is installed with a personal firewall.
c. It is properly identified and authenticated.
d. It is quarantined.
Correct Answer-C

Which four items are examined by a next-generation firewall? (Choose four.)
a. ports
b. north-south traffic
c. User-ID
d. Content-ID
e. Application-ID
f. gateway
Correct Answer-ACDE

Which Palo Alto Networks security product uses a proactive prevention strategy to block exploit and malware techniques and deliver Advanced Endpoint Protection?
a. Traps
b. WildFire
c. Prisma Public Cloud
d. Prisma SaaS
Correct Answer-A

The Palo Alto Networks Security Operating Platform delivers solutions that address three main security topics: network security, Advanced Endpoint Protection, and cloud security. (True or False)
Correct Answer-T