Palo Alto PCCET Questions with Correct Answers
What does CVE mean?
A. Computer Vulnerabilities and their Exploits
B. Computer Vulnerabilities and Exposures
C. Common Vulnerabilities and their Exploits
D. Common Vulnerabilities and Exposures - Answer-D
What is the difference between CVE and ...
Palo Alto PCCET Questions with
Correct Answers
What does CVE mean?
A. Computer Vulnerabilities and their Exploits
B. Computer Vulnerabilities and Exposures
C. Common Vulnerabilities and their Exploits
D. Common Vulnerabilities and Exposures - Answer-D
What is the difference between CVE and CVSS?
A. CVE tells you what the vulnerabilities are. CVSS gives vulnerabilities a score (0-10)
to evaluate how serious they are.
B. CVE is on a scale of low, medium, high, critical. CVSS is on a scale of 0-100.
C. CVSS tells you what the vulnerabilities are. CVE gives vulnerabilities a score (0-10)
to evaluate how serious they are.
D. CVE is on a scale of 0-100. CVSS is on a scale of 0-10. - Answer-A
External threat actors have accounted for the majority of data breaches over the past
five years. (True or False) - Answer-F
Which group is likely to attack indiscriminately, whether you are a valuable target or
not?
A. hacktivists
B. cybercriminals
C. cyberterrorists
D. state-affiliated groups - Answer-C
Which group is primarily motivated by money?
A. hacktivists
B. cybercriminals
C. cyberterrorists
D. state-affiliated groups - Answer-B
The cyberattack lifecycle is a seven-step process. (True or False) - Answer-F
An attacker needs to succeed in executing only one step of the cyberattack lifecycle to
infiltrate a network, whereas a defender must "be right every time" and break every step
of the chain to prevent an attack. (True or False) - Answer-F
The key to breaking the cyberattack lifecycle during the Installation phase is to
implement network segmentation, a Zero Trust model, and granular control of
applications to limit or restrict an attacker's lateral movement within the network. (True
or False) - Answer-T
,Which stage of the cyberattack lifecycle can be identified by port scans from external
sources?
A. Reconnaissance
B. Weaponization and Delivery
C. Exploitation
D. Installation - Answer-A
Which stage of the cyberattack lifecycle involves querying public databases and testing
exploits in the attacker's internal network?
A. Reconnaissance
B. Weaponization and Delivery
C. Exploitation
D. Installation - Answer-B
Which step is involved in getting malware to run on the inside of the targeted
organization?
A. Weaponization and Delivery
B. Exploitation and Installation
C. Command and Control
D. Actions on the Objective - Answer-B
In which stage of the cyberattack lifecycle would you identify unusual communication
between an internal database that should not access the internet and an external
server?
A. Exploitation
B. Installation
C. Command and Control
D. Actions on the Objective - Answer-C
Which two malware types are self-replicating? (Choose two.)
A. logic bomb
B. backdoor
C. virus
D. trojan horse
E. worm - Answer-CE
Which two malware types are likely to be left behind by a disgruntled employee?
(Choose two.)
A. logic bomb
B. backdoor
C. virus
D. trojan horse
E. worm - Answer-AB
Which two malware types require external communication channels? (Choose two.)
,A. ransomware
B. spyware
C. adware
D. logic bomb - Answer-BC
What is the term for an unauthorized remote access program?
A. logic bomb
B. backdoor
C. virus
D. trojan horse - Answer-B
Which statement is correct?
A. A security researcher might write a vulnerability to demonstrate an exploit.
B. A security researcher might write an exploit to demonstrate a vulnerability.
C. Exploits often are the result of poorly trained programmers.
D. Exploits always are the vendor's responsibility. - Answer-B
Which type of cyberattack sends extremely high volumes of network traffic such as
packets, data, or transactions that render the victim's network unavailable or unusable?
A. distributed denial-of-service (DDoS)
B. spamming botnet
C. phishing botnet
D. denial-of-service (DoS) - Answer-A
Which core component of Cortex combines security orchestration, incident
management, and interactive investigation to serve security teams across the incident
lifecycle?
A. AutoFocus
B. Cortex XDR
C. Cortex XSOAR
D. Cortex Data Lake - Answer-C
Which type of advanced malware has entire sections of code that serve no purpose
other than to change the signature of the malware, thus producing an infinite number of
signature hashes for even the smallest of malware programs?
A. distributed
B. polymorphic
C. multi-functional
D. obfuscated - Answer-B
Which type of phishing attack is specifically directed at senior executives or other high-
profile targets within an organization?
A. whaling
B. watering hole
C. pharming
D. spear phishing - Answer-A
, Which wireless security protocol includes improved security for IoT devices, smart
bulbs, wireless appliances, and smart speakers?
A. WPA2
B. WPA3
C. WPA1
D. WEP - Answer-B
Which tactic, technique, or procedure (TTP) masks application traffic over port 443
(HTTPS)?
A. using non-standard ports
B. hopping ports
C. hiding within SSL encryption
D. tunneling - Answer-C
Which specific technology is associated with Web 3.0?
A. social networks
B. instant messaging
C. remote meeting software
D. blockchain - Answer-D
Which Wi-Fi attack leverages device information about which wireless networks it
previously connected to?
A. evil twin
B. man-in-the-middle
C. Jasager
D. SSLstrip - Answer-C
Which malware type is installed in the BIOS of a machine, which means operating
system level tools cannot detect it?
A. rootkit
B. logic bomb
C. ransomware
D. spyware - Answer-A
Which Zero Trust capability provides a combination of anti-malware and intrusion
prevention technologies to protect against both known and unknown threats, including
mobile device threats?
A. least privilege
B. secure access
C. inspection of all traffic
D. cyberthreat protection - Answer-D
Which three options describe the relationship and interaction between a customer and
SaaS? (Choose three.)
A. subscription service
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur Scholarsstudyguide. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €11,97. Vous n'êtes lié à rien après votre achat.
