Palo Alto Networks Cybersecurity Apprentice v1.0

Page: 1 / 8
Exam contains 113 questions

What will cause an unusually high number of false positive alerts?

  • A. Post-breach recovery plan is well defined.
  • B. User privilege is configured to be strict.
  • C. Device is unable to receive an IP address.
  • D. Traffic match criteria is too generalized.


Answer : D

What is a desired outcome of automation in a security operations center (SOC)?

  • A. Increased number of alerts
  • B. Increased MTTR
  • C. Increased efficiency
  • D. Increased false positives


Answer : C

Which feature defines a firewall as being next-generation?

  • A. Application awareness
  • B. Intrusion prevention
  • C. Biometric security
  • D. Static inspection


Answer : A

What are two characteristics of data loss prevention (DLP)? (Choose two.)

  • A. Traffic shaping
  • B. Key logging
  • C. File-level encryption
  • D. Content-aware


Answer : CD

What is a result of the Actions on the Objective phase in the cyber attack lifecycle?

  • A. Host sweeps and port scans are performed.
  • B. Outbound communication channels are established.
  • C. Data is exfiltrated and web property is defaced.
  • D. Exploits are launched against a vulnerable application.


Answer : C

In which cloud service model does a company use hardware resources from a cloud service provider?

  • A. Platform as a service (PaaS)
  • B. Software as a service (SaaS)
  • C. Network as a service (NaaS)
  • D. Infrastructure as a service (IaaS)


Answer : D

What is the purpose of continuous deployment in the CI/CD lifecycle?

  • A. Maintaining a state in which any version of the software can be deployed to a production environment.
  • B. Merging code changes into a central repository
  • C. Packaging code into a Docker container for deployment
  • D. Automatically deploying every change that passes the automated tests to production, minimizing lead time


Answer : D

Which type of attack involves employees using their credentials to copy proprietary software onto an external drive?

  • A. Insider threat
  • B. Social engineering
  • C. Spear phishing
  • D. Identity theft


Answer : A

Which protocol uses encryption to secure its communications?

  • A. Telnet
  • B. SSH
  • C. NAT
  • D. DHCP


Answer : B

What is an initial action when investigating a security incident?

  • A. Identify indicators of compromise.
  • B. Create a timeline of events.
  • C. Write a threat intelligence report.
  • D. Remove threats from the system.


Answer : A

Which duties are part of a triage analyst role in security operations?

  • A. Proactively hunting for threats, vulnerabilities, and exploits
  • B. Supporting only the most complex incident responses and reviewing forensic and telemetry data for threats
  • C. Providing detailed threat intelligence reports and recommendations for remediation
  • D. Identifying the source, scope, and impact of an incident


Answer : D

What is a benefit of SD-WAN versus traditional WANs?

  • A. Reliance on multiple different WAN connection types and licenses is removed.
  • B. All physical WAN components can be easily removed and replaced without network disruption.
  • C. Administrators can deploy WAN connection policies across an entire network at once.
  • D. WANs are physically connected and strengthened against electromagnetic interference.


Answer : C

What is the fundamental role of a proxy server in internet communication?

  • A. Enhancing the processing power of a user device when accessing the internet.
  • B. Managing and securing email communications.
  • C. Acting as an intermediary, routing traffic between users and online resources.
  • D. Directly connecting endpoint agents to web servers.


Answer : C

Which function is a part of security operations?

  • A. Migrate
  • B. Eliminate
  • C. Mitigate
  • D. Orchestrate


Answer : C

Which activity is a core component of the Improve function in security operations?

  • A. Deploying new security tools and technologies
  • B. Performing routine hardware upgrades
  • C. Updating incident response plans based on lessons learned
  • D. Training users on basic cybersecurity awareness


Answer : C
