620 Palo Alto Quiz Questions

Match the following security concepts (choices for each: Vulnerability Detection, L2TP VPN, Heuristics / Signatures, Firewall): 1. Anti-malware 2. Reconnaissance 3. IPSec 4. Proxy

1. Heuristics / Signatures 2. Vulnerability Detection 3. L2TP VPN 4. Firewall

What is not a Zero Trust design principle?

Allow internal users to access network services through remote access

Platform as a Service - PaaS - is best described as: Select one: a. An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. b. An underlying network infrastructure that virtualizes physical computing resources, data partitioning, scaling, security, backup. c. A licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.

An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.

What type of malware allows an attacker to bypass authentication to gain access to a compromised system?

Backdoor

What is an easy way to make your WiFi security stronger and make it more difficult for hackers to discover your wireless network?

Change the Service Set Identifier (SSID)

The first phase of implementing security in virtualized data centers consists of:

Consolidating servers within trust levels

Which of the following are typical mobile device management software capabilities? Select all that apply. Select one or more: - Data Loss Prevention - Policy Enforcement - Personal Firewalls - Malware Prevention

Data Loss Prevention, Policy Enforcement, Malware Prevention

Which of the following are examples of an endpoint? Select one or more: - Desktop - Smartphone - Point-Of-Sale (POS) Terminal - Mainframe

Desktop, Smartphone, Point-Of-Sale (POS) Terminal

What type of attack is intended to rapidly cause damage to the victim's network and system infrastructure, as well as their business and reputation?

Distributed Denial of Service (DDoS)

Some important characteristics and capabilities of advanced malware include:

Distributed, fault-tolerant architecture; Multi-functionality; Hiding techniques such as polymorphism and metamorphism; Hiding techniques such as obfuscation

Intra-VM traffic is also known as:

East-West

T/F - Attacks that result in a Data Breach are most likely performed by internal threat actors (employees).

False

True or False. A vulnerability is a small piece of software code, part of a malformed data file, or a sequence (string) of commands created by an attacker to cause unintended or unanticipated behavior in a system or software.

False

True or False. An attacker only needs to successfully execute one step of the Cyber Kill Chain® to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack.

False

True or False. An effective security strategy is to deploy Perimeter-Based Network defenses, where countermeasures are defined at a handful of well-defined ingress/egress points to the network. You can then assume that everything on the internal network can be trusted.

False

True or False. Most cyberattacks today are perpetrated by internal threat actors, such as malicious employees engaging in corporate espionage.

False

True or False. The Lockheed Martin Cyber Kill Chain® framework is a five-step process that an attacker goes through in order to attack a network.

False

True or False. Wired Equivalent Privacy (WEP) is the most effective protocol for securing wireless networks.

False

The ability to withstand a catastrophic series of events is commonly known as:

Fault Tolerance

Which of the following is not a phase of implementing security in virtualized data centers: Select one: - Consolidating servers across trust levels - Consolidating servers within trust levels - Selective network security virtualization - Implementing a static and flat computing fabric

Implementing a static and flat computing fabric

Characteristics of application firewalls include all of the following except: Select one: - Proxies traffic rather than permitting direct communication between hosts - Can be used to implement strong user authentication - Masks the internal network from untrusted networks - Is extremely fast and has no impact on network performance

Is extremely fast and has no impact on network performance

What is the name of the international cybercrime group that delivered the 2014 Sony hack and the 2017 HaoBao campaign?

Lazarus

A Zero Trust network security model is based on which of the following security principles? Select one: - Due Diligence - Least privilege - Non-repudiation - Negative Control

Least privilege

What type of malware is triggered by a specific condition, such as a specific date or a particular user account being disabled?

Logic Bomb

Malicious software or code that typically damages, takes control of, or collects information from an infected endpoint is known as:

Malware

Data that moves in and out of the virtualized environment from the host network or a corresponding traditional data center is also known as:

North-South

PCI DSS is mandated and administered by the:

PCI Security Standards Council (SSC)

Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network? Select one: - Point-to-point Tunneling protocol (PPTP) - Secure Socket Layer (SSL) - Secure Socket tunneling protocol (SSTP) - Internet Protocol Security (IPSEC)

Secure Socket Layer (SSL)

Which of the following techniques and tools are used by an attacker to hide attack communications traffic? Select one or more: - Secure Socket Layer (SSL) Encryption - Process and Remote Access Tools (RATs) - Port Hopping and Dynamic DNS - Web Browsing

Secure Socket Layer (SSL) Encryption; Process and Remote Access Tools (RATs); Port Hopping and Dynamic DNS

The cloud computing service model in which a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure is known as:

Software as a Service (SAAS)

T/F - Botnets are commonly designed to be managed by a CnC - Command and Control - server.

True

True or False. Business intelligence (BI) software consists of tools and techniques used to surface large amounts of raw unstructured data to perform a variety of tasks including data mining, event processing, and predictive analytics.

True

True or False. It is possible for an organization to be compliant with all applicable security and privacy regulations for its industry, yet still not be secure.

True

True or False. Most Botnets are designed to withstand the loss of a command and control (CnC) server, meaning that the entire Botnet infrastructure must be disabled almost simultaneously.

True

True or False. Packet-Filtering Firewalls operate at Layer 3 (network layer) of the Open Systems Interconnection (OSI) reference model.

True

True or False. The benefit of moving toward a cloud computing model is that it improves operational efficiencies and lowers capital expenditures.

True

True or False. The process in which end users find personal technology and apps that are more powerful or capable, more convenient, less expensive, quicker to install, and easier to use, than enterprise IT solutions is known as consumerization.

True

Characteristics of unified threat management (UTM) include all of the following except: Select one: - Combines security functions such as firewalls, intrusion detection systems (IDS), anti-malware, and data loss prevention (DLP) in a single appliance. - Enabling all of the security functions in a UTM device can have a significant performance impact. - UTM fully integrates all of the security functions installed on the device. UTM will not effectively manage different device specific functions such as personal firewalls or manufacturer specific tools and resources. - UTM can be a convenient solution for small networks.

UTM fully integrates all of the security functions installed on the device.

Which of the following techniques is NOT used to break the command and control (CnC) phase of the Cyber Kill Chain®? Select one: - Blocking outbound traffic to known malicious sites and IP addresses - DNS sinkholing - Vulnerability and Patch Management - DNS poisoning

Vulnerability and Patch Management

Which of the following WLAN standards is the LEAST secure? Pick two. Select one or more: a. Wireless Protected Access (WPA) b. Wired Equivalent Privacy (WEP) c. Wireless Protected Access 2 (WPA2) d. WiFi Protected Setup (WPS)

WEP, WPS

What type of malware typically targets a computer network by replicating itself in order to spread rapidly?

Worm

A 'rootkit' is usually associated with which of the following: Select one: a. Denial of service b. Christmas Tree Attack c. Escalation of Privilege

c. Escalation of Privilege

What would be the best description of 'polymorphism and metamorphism' ?

hiding techniques

The terms 'ingress/egress' best match the following descriptions:

incoming / outgoing

