Palo Alto Networks Apprentice Dumps

Page: 1 / 12
Total 115 questions

Palo Alto Networks Cybersecurity Apprentice Questions and Answers

Question 1

What is a function of a Network-Based Intrusion Detection System (NIDS)?

Options:

A. Scanning and quarantining infected files on a host machine

B. Proxying traffic before reaching an internal network

C. Blocking malicious traffic from entering a network in real time

D. Monitoring network traffic and reporting results to an administrator

Question 2

Which device reads information from packets at the application layer of the OSI model to determine if traffic should be forwarded?

Options:

A. Switch

B. Next-generation firewall

C. WAN accelerator

D. Router

Question 3

What is the purpose of an API?

Options:

A. It allows operating systems to redesign themselves.

B. It allows machine learning models to internally check datagrams.

C. It allows hardware controls to be modified.

D. It allows software applications to share data.

Question 4

What are two components of a cloud-native security platform (CNSP)? (Choose two.)

Options:

A. Asset inventory

B. VPN

C. Endpoint security

D. Identity and access management (IAM)

Question 5

Which device reads information from packets at the application layer of the OSI model to determine if traffic should be forwarded?

Options:

A. WAN accelerator

B. Router

C. Switch

D. Next-generation firewall

Question 6

What is an effective use case of URL filtering?

Options:

A. Monitoring threat logs and traffic logs

B. Restricting access to phishing websites

C. Acting as a sandbox for potentially malicious files

D. Discovering internet of things (IoT) devices

Question 7

Which two sets of actions are examples of multi-factor authentication (MFA)? (Choose two.)

Options:

A. Answering a security question and providing a thumbprint

B. Entering a PIN and scanning a smart card

C. Scanning the palm of one hand followed by the other hand

D. Answering three sequential security questions

Question 8

Which cloud service model allows a third-party provider to host an application that is readily available for customer use?

Options:

A. Software as a service (SaaS)

B. Platform as a service (PaaS)

C. Desktop as a service (DaaS)

D. Infrastructure as a service (IaaS)

Question 9

What does continuous integration and continuous delivery/deployment (CI/CD) improve for an organization?

Options:

A. Network threat alert potential

B. API interaction optimization

C. Secure development pipeline

D. Storage quotas for code

Question 10

Which packets are considered east-west traffic in a data center?

Options:

A. Those originating from the internet destined to the public IP address of a virtual server

B. Those sent from a virtual desktop to a cloud-based proxy

C. Those sent from a cloud-based server to a virtual desktop

D. Those that move between virtual servers across a virtual switch

Question 11

Which tunnel protocol is used to secure communications over HTTPS?

Options:

A. IKE

B. GRE

C. SSH

D. TLS

Question 12

What does DHCP provide to a client?

Options:

A. Zone

B. MAC address

C. IP address

D. Port range

Question 13

What are two endpoint security implementation methods? (Choose two.)

Options:

A. Installing an anti-malware agent onto a user device

B. Deploying a firewall to prevent traffic from reaching an end user

C. Enforcing security policies on north-south traffic between users and the internet

D. Downloading software onto a laptop to prevent spyware

Question 14

Which type of segmentation divides traffic based on the interface on which a packet is received or sent?

Options:

A. Zone

B. Port

C. Application

D. Role

Question 15

What is a self-sufficient executable package that encompasses all necessary components for running a piece of software including the code, runtime, libraries, and system tools?

Options:

A. Container

B. Host

C. Server

D. Virtual machine (VM)

Question 16

Which security control is best suited to block traffic based on the actual application being used rather than only the port number?

Options:

A. Hub

B. Next-generation firewall

C. DHCP server

D. Layer 2 switch

Question 17

Which statement describes both stateful firewalls and stateless firewalls?

Options:

A. Stateful firewalls encrypt all traffic they inspect; stateless firewalls only pass through unencrypted traffic.

B. Stateful firewalls are primary hardware appliances; stateless firewalls are exclusively software-based.

C. Stateful firewalls only allow access to internal applications; stateless firewalls allow connections only to the internet.

D. Stateful firewalls track and secure ongoing connections; stateless firewalls inspect each packet individually.

Question 18

Which cloud computing model allows a single organization to keep its data in a private environment but also access the scalability and cost-effectiveness of public resources?

Options:

A. Hybrid

B. Public

C. Community

D. Private

Question 19

Which tool resides on a host to identify malicious activity?

Options:

A. Intrusion Detection System (IDS)

B. Unified threat detection device

C. Endpoint protection agent

D. Next-generation firewall appliance

Question 20

Which activity increases the ability of endpoint protection to successfully identify threats?

Options:

A. Creating honeypots

B. Implementing virtualization

C. Encoding null routes

D. Applying security updates

Question 21

Which pillar should a company focus on first when establishing a new security operations department?

Options:

A. Technology

B. Processes

C. People

D. Business

Question 22

What is the fundamental role of a proxy server in internet communication?

Options:

A. Enhancing the processing power of a user device when accessing the internet.

B. Managing and securing email communications.

C. Acting as an intermediary, routing traffic between users and online resources.

D. Directly connecting endpoint agents to web servers.

Question 23

Which metric measures how long it takes a security team to detect a cybersecurity incident?

Options:

A. MTTR

B. MTTD

C. MFA

D. NAT

Question 24

Why would an organization implement a demilitarized zone (DMZ)?

Options:

A. To provision multiple external zones that allow for destination NAT

B. To facilitate the use of SD-WAN departments within an organization

C. To allow effective communications with other organizations

D. To protect internal resources while still allowing access to public-facing internet services

Question 25

In which cloud service model does a company use hardware resources from a cloud service provider?

Options:

A. Platform as a service (PaaS)

B. Software as a service (SaaS)

C. Network as a service (NaaS)

D. Infrastructure as a service (IaaS)

Question 26

What is a function of a cloud-native security platform (CNSP)?

Options:

A. Protecting applications at runtime

B. Generating cost analysis

C. Sandboxing ransomware

D. Executing penetration testing

Question 27

What is a documented strategy outlining how an organization will detect, respond to, and recover from cybersecurity attacks or other disruptions?

Options:

A. Security framework alignment

B. MTTR

C. MTTD

D. Incident response plan

Question 28

Which attack takes place in the Exploitation phase of the cyber attack lifecycle?

Options:

A. Weaponized PDF file executing on a target

B. Malicious phishing link sent to a target

C. Polymorphic malware altering its structure on a target after gaining access

D. Undisclosed software vulnerability used to gain remote access to a target

Question 29

What is a benefit of SD-WAN versus traditional WANs?

Options:

A. Reliance on multiple different WAN connection types and licenses is removed.

B. All physical WAN components can be easily removed and replaced without network disruption.

C. Administrators can deploy WAN connection policies across an entire network at once.

D. WANs are physically connected and strengthened against electromagnetic interference.

Question 30

What does a host-based firewall primarily attempt to prevent?

Options:

A. Exhaustion of network memory resources

B. Privilege escalation

C. Pop-up advertisements

D. Unauthorized or suspicious network connections

Question 31

What is a function of an Intrusion Detection System (IDS)?

Options:

A. Rejecting connections deemed anomalous

B. Filtering outbound malicious TCP packets

C. Monitoring network traffic for specific patterns

D. Dropping inline network packets

Question 32

What are two functions of VPN gateways? (Choose two.)

Options:

A. Certificate refresh

B. Site-to-Site connectivity

C. Remote access

D. URL filtering

Question 33

Which type of attack occurs when malware is hidden within an application and infects the host without being detected?

Options:

A. Botnet

B. Ransomware

C. Trojan

D. Virus

Question 34

What is an example of an exploit?

Options:

A. Misconfigured access control

B. Unpatched software

C. Buffer overflow attack

D. Exposed password
