PCCSA - Modules
Which key method does Traps not use to prevent malicious executables on the endpoint?
Access Control Inspection
Which of the following is considered to be the strongest symmetric encryption cryptosystem?
Advanced Encryption Standard (AES)
Which application identification technique determines whether the initially detected application protocol is the "real one" or if it is being used as a tunnel to hide the actual application (for example, Tor might run inside HTTPS).
Application protocol decoding
What term is used to describe a cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message?
Asymmetric encryption
Which three options are threat intelligence sources for AutoFocus? A. WildFire B. URL Filtering with PAN-DB Service C. Unit 42 Threat Intelligence and Research Team D. Third-Party Intrusion Prevention Systems
A, B, C
On the NGFW, which type of User-ID technique can be configured to probe Microsoft Windows servers for active network sessions of a user?
Client Probing
Which Aperture feature enables you to define granular, context-aware policy control that provides you with the ability to drive enforcement and the quarantine of users and data as soon as a violation occurs?
Contextual Data Exposure Control
Which of the following terms describes the process of making and using codes to secure the transmission of information?
Cryptography
The science of encryption is known as which of the following?
Cryptology
Which capability of a Zero-Trust segmentation platform uses a combination of anti-malware, intrusion prevention, and cyberthreat prevention technologies to provide comprehensive protection against both known and unknown threats, including threats on mobile devices?
Cyberthreat protection
Which Content-ID filtering capability controls the transfer of sensitive data patterns such as credit card and social security numbers in application content and attachments?
Data filtering
True or False: The principle of least privilege in network security requires that only the permission or access rights necessary to perform an authorized task is denied.
False
True or false: AutoFocus is an optional module that can be added to Next Generation Firewalls?
False. Autofocus is a subscription-based threat intelligence cloud that fully integrates with the Security Operating Platform, but does not require any configuration changes to NGFWs or Traps Advanced Endpoint Protection.
Which Traps capability enables organizations to identify non-malicious but otherwise undesirable software, such as adware, and prevent it from running in their environment?
Grayware classification
Which of the following is not a benefit of implementing a Zero-Trust network?
Higher total cost of ownership (TCO) with a consolidated and fully integrated security operating platform.
Which of the following is used to describe the information used in conjunction with an algorithm to create ciphertext from plaintext?
Key
A Zero Trust network security model is based on which security principle?
Least privilege
Which of the following is a hybrid cryptosystem that has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications?
PGP
Which algorithm was the first public-key encryption algorithm developed (in 1977) and published for commercial use.
RSA
The capability and benefits of Evident do not include ...
Sanctioned SaaS Security
The process of hiding information within other files, such as digital pictures or other images, is known as which of the following?
Steganography
The Traps agent injects itself into each process as it is started and automatically blocks advanced attacks that would otherwise evade detection.
True
True or False: Content-ID is an Intrusion Prevention feature that protects networks from all types of vulnerability exploits, buffer overflows, DoS attacks, and port scans that lead to the compromise of confidential and sensitive enterprise information.
True
True or False: Hashing functions require the use of keys.
True
True or False: Julius Caesar was associated with an early version of the substitution cipher.
True
True or False: Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.
True
True or False: PKI systems are based on public-key cryptosystems and include digital certificates and certificate authorities
True
True or False: Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.
True
True or False: The primary issue with a perimeter-based network security strategy in which countermeasures are deployed at a handful of well-defined ingress and egress points to the network is that it relies on the assumption that everything on the internal network can be trusted.
True
True or False: The single pass architecture of the NGFW integrates multiple threat prevention disciplines (PIS, anti-malware, URL filtering, etc.) into a single stream-based engine with a uniform signature format.
True
True or False: Two hundred and eighty five computers could crack a 56-bit key in one year, whereas 10 times as many could do it in a little over a month.
True
True or false: Evident provides public cloud infrastructure services security that enables organizations to automate the management of cloud security and compliance risks, so they can minimize the attack surface and protect their public cloud deployments.
True
True or false: Magnifier examines multiple logs, including Enhanced Application Logs, which provide data specifically designed for analytics. Analyzing multiple logs allows Magnifier to track attributes that are nearly impossible to ascertain from traditional threat logs or high-level network flow data.
True
True or false: The key to Traps is blocking core exploit and malware techniques, not the individual attacks.
True
True or false: Traps leverages the intelligence obtained from tens of thousands of subscribers to the WildFire cloud-based threat analysis service to continuously aggregate threat data and maintain the collective immunity of all users across endpoints, networks, and cloud applications.
True
True or false: WildFire performs deep packet inspection of malicious outbound communications to disrupt C&C activity.
True
True or false: Sanctioned SaaS applications fulfill a legitimate business need, but certain usage restrictions may be necessary to reduce risk.
True. Policies regarding application data sharing, PII information and others may need to be enforced in order to properly secure the application and reduce risk.
WildFire operates on which concept?
Virtualized Sandbox