Question # 4

Systems that allow for accelerated incident response through the execution of standardized and automated playbooks that work upon inputs from security technology and other data flows are known as what?

A. XDR

B. STEP

C. SOAR

D. SIEM

Question # 5

Which type of Wi-Fi attack depends on the victim initiating the connection?

A. Evil twin

B. Jasager

C. Parager

D. Mirai

Question # 6

Which analysis detonates previously unknown submissions in a custom-built, evasion-resistant virtual environment to determine real-world effects and behavior?

A. Dynamic

B. Pre-exploit protection

C. Bare-metal

D. Static

Question # 7

What is a key benefit of Cortex XDR?

A. It acts as a safety net during an attack while patches are developed.

B. It secures internal network traffic against unknown threats.

C. It manages applications accessible on endpoints.

D. It reduces the need for network security.

Question # 8

Which type of malware replicates itself to spread rapidly through a computer network?

A. ransomware

B. Trojan horse

C. virus

D. worm

Question # 9

Order the OSI model with Layer 7 at the top and Layer 1 at the bottom.

Question # 10

Which two statements describe the Jasager attack? (Choose two.)

A. The victim must manually choose the attacker's access point.

B. It actively responds to beacon requests.

C. It tries to get victims to connect at random.

D. The attacker needs to be within close proximity of the victim.

Question # 11

Match the IoT connectivity description with the technology.

Question # 12

In which phase of the cyberattack lifecycle do attackers establish encrypted communication channels back to servers across the internet so that they can modify their attack objectives and methods?

A. exploitation

B. actions on the objective

C. command and control

D. installation

Question # 13

A user is given access to a service that gives them access to cloud-hosted physical and virtual servers, storage, and networking.

Which NIST cloud service model is this?

A. IaaS

B. SaaS

C. PaaS

D. CaaS

Question # 14

What does “forensics” refer to in a Security Operations process?

A. Collecting raw data needed to complete the detailed analysis of an investigation

B. Validating cyber analysts’ backgrounds before hiring

C. Reviewing information about a broad range of activities

D. Analyzing new IDS/IPS platforms for an enterprise

Question # 15

How does adopting a serverless model impact application development?

A. costs more to develop application code because it uses more compute resources

B. slows down the deployment of application code, but it improves the quality of code development

C. reduces the operational overhead necessary to deploy application code

D. prevents developers from focusing on just the application code because you need to provision the underlying infrastructure to run the code

Question # 16

Which IoT connectivity technology is provided by satellites?

A. 4G/LTE

B. VLF

C. L-band

D. 2G/2.5G

Question # 17

Which TCP/IP sub-protocol operates at Layer 7 of the OSI model?

A. UDP

B. MAC

C. SNMP

D. NFS

Question # 18

Which of these ports is normally associated with HTTPS?

A. 443

B. 5050

C. 25

D. 80

Question # 19

What is the primary security focus after consolidating data center hypervisor hosts within trust levels?

A. control and protect inter-host traffic using routers configured to use the Border Gateway Protocol (BGP) dynamic routing protocol

B. control and protect inter-host traffic by exporting all your traffic logs to a sysvol log server using the User Datagram Protocol (UDP)

C. control and protect inter-host traffic by using IPv4 addressing

D. control and protect inter-host traffic using physical network security appliances

Question # 20

Which VM-Series virtual firewall cloud deployment use case reduces your environment's attack surface?

A. Multicloud

B. 5G

C. Micro-segmentation

D. DevOps

Question # 21

What is the purpose of SIEM?

A. Securing cloud-based applications

B. Automating the security team’s incident response

C. Real-time monitoring and analysis of security events

D. Filtering webpages employees are allowed to access

Question # 22

Which security component should you configure to block viruses not seen and blocked by the perimeter firewall?

A. endpoint antivirus software

B. strong endpoint passwords

C. endpoint disk encryption

D. endpoint NIC ACLs

Question # 23

Which statement describes DevOps?

A. DevOps is its own separate team

B. DevOps is a set of tools that assists the Development and Operations teams throughout the software delivery process

C. DevOps is a combination of the Development and Operations teams

D. DevOps is a culture that unites the Development and Operations teams throughout the software delivery process

Question # 24

When signature-based antivirus software detects malware, what three things does it do to provide protection? (Choose three.)

A. decrypt the infected file using base64

B. alert system administrators

C. quarantine the infected file

D. delete the infected file

E. remove the infected file’s extension

Question # 25

Which term describes data packets that move in and out of the virtualized environment from the host network or a corresponding traditional data center?

A. North-South traffic

B. Intrazone traffic

C. East-West traffic

D. Interzone traffic

Question # 26

What protocol requires all routers in the same domain to maintain a map of the network?

A. EIGRP

B. Static

C. RIP

D. OSPF

Question # 27

What is the recommended method for collecting security logs from multiple endpoints?

A. Leverage an EDR solution to request the logs from endpoints.

B. Connect to the endpoints remotely and download the logs.

C. Configure endpoints to forward logs to a SIEM.

D. Build a script that pulls down the logs from all endpoints.

Question # 28

Which network device breaks networks into separate broadcast domains?

A. Hub

B. Layer 2 switch

C. Router

D. Wireless access point

Question # 29

Which organizational function is responsible for security automation and eventual vetting of the solution to help ensure consistency through machine-driven responses to security issues?

A. NetOps

B. SecOps

C. SecDevOps

D. DevOps

Question # 30

Which option is a Prisma Access security service?

A. Compute Security

B. Firewall as a Service (FWaaS)

C. Virtual Private Networks (VPNs)

D. Software-defined wide-area networks (SD-WANs)

Question # 31

What does Palo Alto Networks Cortex XDR do first when an endpoint is asked to run an executable?

A. run a static analysis

B. check its execution policy

C. send the executable to WildFire

D. run a dynamic analysis

Question # 32

Which technique uses file sharing or an instant messenger client such as Meebo running over Hypertext Transfer Protocol (HTTP)?

A. Use of non-standard ports

B. Hiding within SSL encryption

C. Port hopping

D. Tunneling within commonly used services

Question # 33

In an IDS/IPS, which type of alarm occurs when legitimate traffic is improperly identified as malicious traffic?

A. False-positive

B. True-negative

C. False-negative

D. True-positive

Question # 34

Which statement is true about advanced persistent threats?

A. They use script kiddies to carry out their attacks.

B. They have the skills and resources to launch additional attacks.

C. They lack the financial resources to fund their activities.

D. They typically attack only once.

Question # 35

Which method is used to exploit vulnerabilities, services, and applications?

A. encryption

B. port scanning

C. DNS tunneling

D. port evasion

Question # 36

Which network firewall operates up to Layer 4 (Transport layer) of the OSI model and maintains information about the communication sessions which have been established between hosts on trusted and untrusted networks?

A. Group policy

B. Stateless

C. Stateful

D. Static packet-filter

Question # 37

Which not-for-profit organization maintains the common vulnerability exposure catalog that is available through their public website?

A. Department of Homeland Security

B. MITRE

C. Office of Cyber Security and Information Assurance

D. Cybersecurity Vulnerability Research Center

Question # 38

Which model would a customer choose if they want full control over the operating system(s) running on their cloud computing platform?

A. SaaS

B. DaaS

C. PaaS

D. IaaS

Question # 39

Which key component is used to configure a static route?

A. router ID

B. enable setting

C. routing protocol

D. next hop IP address

Question # 40

Which NGFW feature is used to provide continuous identification, categorization, and control of known and previously unknown SaaS applications?

A. User-ID

B. Device-ID

C. App-ID

D. Content-ID

Question # 41

You have been invited to a public cloud design and architecture session to help deliver secure east-west flows and secure Kubernetes workloads.

What deployment options do you have available? (Choose two.)

A. PA-Series

B. VM-Series

C. Panorama

D. CN-Series

Question # 42

How does Prisma SaaS provide protection for Sanctioned SaaS applications?

A. Prisma SaaS connects to an organization's internal print and file sharing services to provide protection and sharing visibility

B. Prisma SaaS does not provide protection for Sanctioned SaaS applications because they are secure

C. Prisma access uses Uniform Resource Locator (URL) Web categorization to provide protection and sharing visibility

D. Prisma SaaS connects directly to sanctioned external service provider's SaaS application service to provide protection and sharing visibility

Question # 43

If an endpoint does not know how to reach its destination, what path will it take to get there?

A. The endpoint will broadcast to all connected network devices.

B. The endpoint will not send the traffic until a path is clarified.

C. The endpoint will send data to the specified default gateway.

D. The endpoint will forward data to another endpoint to send instead.

Question # 44

What does SOAR technology use to automate and coordinate workflows?

A. algorithms

B. Cloud Access Security Broker

C. Security Incident and Event Management

D. playbooks

Question # 45

Which Palo Alto Networks tool is used to prevent endpoint systems from running malware executables such as viruses, trojans, and rootkits?

A. Expedition

B. Cortex XDR

C. AutoFocus

D. App-ID

Question # 46

Which product from Palo Alto Networks enables organizations to prevent successful cyberattacks as well as simplify and strengthen security processes?

A. Expedition

B. AutoFocus

C. MineMeld

D. Cortex XDR

Question # 47

TCP is the protocol of which layer of the OSI model?

A. Transport

B. Session

C. Data Link

D. Application