Palo Alto PCCET Questions with Complete Solutions
Who is the most likely target of social engineering?
A. executive management, because it has the most permissions
B. senior IT engineers, because the attacker hopes to get them to disable the security infrastructure
C. junior people, because t...
Palo Alto PCCET Questions with
Complete Solutions
Who is the most likely target of social engineering?
A. executive management, because it has the most permissions
B. senior IT engineers, because the attacker hopes to get them to disable the security
infrastructure
C. junior people, because they are easier to stress and probably not as well trained
D. the accounting department, because it can wire money directly to the attacker's
account - Answer-C
In the cyberattack lifecycle, what does C2 mean?
A. Configuration and Communication
B. Configuration Control
C. Command and Control
D. Communication Control - Answer-C
A server that has a bug that lets a single transaction take it off line is susceptible to
which type of attack?
A. Denial of Service (DoS)
B. Distributed Denial of Service (DDoS)
C. trojan horses
D. worms - Answer-A
Which two attacks typically use a botnet? (Choose two.)
A. social engineering
B. DoS
C. DDoS
D. sending spam to a lengthy mailing list
E. spear phishing - Answer-CD
Which option is least likely to be the purpose of an advanced persistent threat?
A. wire money to an offshore bank account
B. steal classified information
C. expand a botnet to send more spam
D. be able to destroy an enemy's infrastructure in case of a war - Answer-C
Which behavior does an advanced persistent threat use to elude detection?
A. do everything at night, when nobody is monitoring
B. rely exclusively on insiders with privileged access
C. do everything quickly with scripting so that the effect of the threat is achieved by the
time it is detected
D. use a low and slow approach to avoid triggering alarms - Answer-D
,Which two types of behavior could enable someone to eavesdrop on a WiFi network?
(Choose two.)
A. passive
B. inactive
C. yielding
D. active
E. agile - Answer-AD
What is the name of the attack in which the attacker gets the victim to connect to an
access point the attack controls?
A. person in the middle
B. man in the middle
C. access point in the middle
D. access point masquerading - Answer-B
What is the name of the "authentication" method that lets anybody with the password
access a WiFi network?
A. Pre-Shared Key (PSK)
B. Password Authentication (PA)
C. Extensible Authentication Protocol (EAP)
D. service set identifier (SSID) - Answer-A
What is a network demilitarized zone (DMZ)?
A. the safest part of the network, used for the security infrastructure
B. the part of the network you don't secure, for example a network segment used for
visitors to access the internet
C. the database management zone
D. the network zone where you put servers that serve the outside, to limit the exposure -
Answer-D
Which type of traffic flows between the public internet and private DMZ?
A. north-south
B. east-west
C. up-down
D. egress traffic - Answer-A
Which type of traffic flows inside a data center?
A. north-south
B. east-west
C. up-down
D. egress traffic - Answer-B
Which core component of Cortex combines security orchestration, incident
management, and interactive investigation to serve security teams across the incident
lifecycle?
,A. AutoFocus
B. Cortex XDR
C. Cortex XSOAR
D. Cortex Data Lake - Answer-C
Which type of advanced malware has entire sections of code that serve no purpose
other than to change the signature of the malware, thus producing an infinite number of
signature hashes for even the smallest of malware programs?
A. distributed
B. polymorphic
C. multi-functional
D. obfuscated - Answer-B
Which type of phishing attack is specifically directed at senior executives or other high-
profile targets within an organization?
A. whaling
B. watering hole
C. pharming
D. spear phishing - Answer-A
Which wireless security protocol includes improved security for IoT devices, smart
bulbs, wireless appliances, and smart speakers?
A. WPA2
B. WPA3
C. WPA1
D. WEP - Answer-B
Which tactic, technique, or procedure (TTP) masks application traffic over port 443
(HTTPS)?
A. using non-standard ports
B. hopping ports
C. hiding within SSL encryption
D. tunneling - Answer-C
Which specific technology is associated with Web 3.0?
A. social networks
B. instant messaging
C. remote meeting software
D. blockchain - Answer-D
Which Wi-Fi attack leverages device information about which wireless networks it
previously connected to?
A. evil twin
B. man-in-the-middle
C. Jasager
D. SSLstrip - Answer-C
, Which malware type is installed in the BIOS of a machine, which means operating
system level tools cannot detect it?
A. rootkit
B. logic bomb
C. ransomware
D. spyware - Answer-A
Which Zero Trust capability provides a combination of anti-malware and intrusion
prevention technologies to protect against both known and unknown threats, including
mobile device threats?
A. least privilege
B. secure access
C. inspection of all traffic
D. cyberthreat protection - Answer-D
Which three options describe the relationship and interaction between a customer and
SaaS? (Choose three.)
A. subscription service
B. extensive manpower required
C. internet- or application-based
D. complex deployment
E. convenient and economical - Answer-ACE
Mobile devices are easy targets for attacks for which two reasons? (Choose two.)
A. They have poor battery-charging capabilities.
B. They use speaker phones.
C. They stay in an always-on, always-present state.
D. They roam in unsecured areas. - Answer-CD
Which path or tool is used by attackers?
A. storage-area networks (SAN)
B. anti-malware update
C. SaaS
D. threat vector - Answer-D
Which kind of server is a master server that is designed to listen to individual
compromised endpoints and respond with appropriate attack commands?
A. command and control
B. bot
C. web
D. directory services - Answer-A
What type of malware can have multiple control servers distributed all over the world
with multiple fallback options?
A. logic bombs
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur Scholarsstudyguide. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €12,90. Vous n'êtes lié à rien après votre achat.
