Palo Alto Exam Study Questions
Which role in the Information Security Continuous Monitoring (ISCM) for Federal Information
Systems and Organizations ensures that an effective program is established and implemented for
...
Palo Alto Exam Study Questions
Which role in the Information Security Continuous Monitoring (ISCM) for Federal Information
Systems and Organizations ensures that an effective program is established and implemented for
the organization by establishing expectations and requirements for the organizations's ISCM
program; working closely with authorizing officials to provide funding, personnel, and other
resources to support ISCM; and maintaining high-level communications and working group
relationships among organizational entities?
Select one:
a. Authorizing Official (AO)
b. Senior Information Security Officer (SISO)
c. Chief Information Officer (CIO)
d. Head of Agency (HOA) - ✔✔CIO
In the Information Security Continuous Monitoring (ISCM) for Federal Information Systems and
Organizations, which Tier ensures that all system-level security controls (technical, operational,
and management) are implemented correctly, operate as intended, produce the desired outcome
with respect to meeting the security requirements for the system, and continue to be effective
over time?
Select one:
a. Tier 2 - Mission/Business Process
b. Tier 1 - Organization
c. Tier 3 - Information Systems
d. Tier 4 - System Authorization - ✔✔Tier 3
Which is the correct order for the Risk Management Framework (RMF) structured process in the
Information Security Continuous Monitoring (ISCM) for Federal Information Systems and
Organizations System?
Select one:
a. Categorize, Select, Implement, Assess, Authorize, Monitor
b. Select, Categorize, Implement, Assess, Authorize, Monitor
c. Categorize, Select, Implement, Authorize, Assess, Monitor
d. Monitor, Select, Implement, Assess, Authorize, Categorize - ✔✔a
Which type of social engineering attack involves hackers who impersonate IT service people and
who spam call as many direct numbers that belong to a company as they can find? These
attackers offer IT assistance to each and every one of their victims.
Select one:
a. Pretexting
b. Quid Pro Quo
c. Baiting
d. Phishing - ✔✔Quid Pro Quo
Which Palo Alto Networks Next Generation Firewall URL Category Action sends a response
page to the user's browser that prompts the user for the administrator-defined override password,
and logs the action to the URL Filtering log?
Select one:
a. override
b. continue
c. block
d. alert - ✔✔override
Which Next Generation Firewall URL filter setting is used to prevent users who use the Google,
Yahoo, Bing, Yandex, or YouTube search engines from viewing search results unless their
browser is configured with the strict safe search option.
Select one:
a. User Credential Detection
b. Log Container Page Only
c. Safe Search Enforcement
d. HTTP Header Logging - ✔✔c
A "continue" action can be configured on the following security profiles in the Next Generation
firewall:
Select one:
a. URL Filtering, File Blocking, and Data Filtering
b. URL Filtering
c. URL Filtering and File Blocking
d. URL Filtering and Antivirus - ✔✔c
Which URL filtering security profile action logs the category to the URL filtering log?
Select one:
a.
Default
b.
Alert
c. Allow
d.
Log - ✔✔Alert
Which is the correct URL matching order on a Palo Alto Networks Next Generation Firewall?
Select one:
a. Allow, Block, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PANDB Cloud
b. Block, Allow, External Dynamic, Custom URL, PAN-DB Cache, PAN-DB Download, PANDB Cloud
c. Block, Allow, Custom URL, External Dynamic, PAN-DB Download, PAN-DB Cloud, PANDB Cache
d. Block, Allow, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PANDB Cloud - ✔✔d
Which web development program is an object-oriented, class-based and concurrent language that
was developed by Sun Microsystems in the 1990s?
Select one:
a. Java
b. Python
c. PHP
d. Ruby - ✔✔Java
On the Next Generation firewall, what type of security profile detects infected files being
transferred with the application?
Select one:
a. URL Filtering
b. Anti-Virus
c. File Blocking
d. Vulnerability Protection
e. WildFire Analysis - ✔✔Anti-Virus
What is the benefit of enabling the "passive DNS monitoring" checkbox on the Next Generation
firewall?
Select one or more:
a. Improved DNS based command and control signatures
b. Improved PAN DB malware detection
c. Improved malware detection in Wildfire
d. Improved anti-virus detection - ✔✔a b c
To properly configure DOS protection to limit the number of sessions individually from specific
source IPS you would configure a DOS Protection rule with the following characteristics:
Select one:
a. Action: Protect, Aggregate Profile with "Resources Protection" configured
b. Action: Deny, Classified Profile with "Resources Protection" configured, and Classified
Address with "source-ip-only" configured
c. Action: Protect, Classified Profile with "Resources Protection" configured, and Classified
Address with "source-ip-only" configured
d. Action: Deny, Aggregate Profile with "Resources Protection" configured - ✔✔c
Which NIST Access Control Primitive permits the subject to perform an action on an object?
Select one:
a. Privilege
b. Action
c. Capability
d. Object - ✔✔Action
Which PEN testing methodology is Open Source and tests the operational security of physical
locations, workflow, human security testing, physical security testing, wireless security testing,
telecommunication security testing, data networks security testing and compliance?
Select one:
a. OSSTMM
b. ISSAF
c. PCI DSS
d. PTES - ✔✔OSSTMM
Which security testing technical assessment technique can identify systems, ports, services, and
potential vulnerabilities, and may be performed manually but are generally performed using
automated tools? They include network discovery, network port and service identification,
vulnerability scanning, wireless scanning, and application security examination.
Select one:
a. Vulnerability Assessment
b. Target Identification and Analysis
c. Review
d. Target Vulnerability Validation - ✔✔Target Identification and Analysis
Which color of the Traffic Light Protocol (TLP) indicates that information requires support to be
acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the
organizations involved?
Select one:
a. Green
b. White
c. Red
d. Ambe - ✔✔Amber
On the Next Generation firewall, application groups are always automatically updated when new
applications are added to the App-ID database.
Select one:
True
False - ✔✔False
Overt security testing, also known as white hat testing, involves performing external and/or
internal testing with the knowledge and consent of the organization's IT staff, enabling
comprehensive evaluation of the network or system security posture.
Select one:
True
False - ✔✔True
When using config audit to compare configuration files on a Next Generation firewall, what does
the yellow indication reveal?
Select one:
a. None
b. Change
c. Deletion
d. Addition - ✔✔Change
Which NGFW security policy rule applies to all matching traffic within the specified source
zones?
Select one:
a. Universal
b. Intrazone
c. Interzone
d. Default - ✔✔Intrazone
What two interface types on the Next Generation firewall provide support for Network Address
Translation?
Select one or more:
a. Tap
b. Layer2
c. Virtual Wire
d. HA
e. Layer 3 - ✔✔c e
What should be configured as the destination zone on the original packet tab of the NAT Policy
rule in the Next Generation firewall?
Select one:
a. Trust-L3
b. Any
c. Untrust-L3
d. DMZ-L3 - ✔✔Untrust-L3
Which is the correct order for the NIST Cybersecurity Framework process?
Select one:
a. Identify, Protect, Detect, Respond, Recover
b. Identify, Detect, Protect, Respond, Recover
c. Detect, Identify, Protect, Respond, Recover
d. Identify, Protect, Detect, Recover, Respond - ✔✔a
Which NIST Cybersecurity Framework component supports prioritization and measurement
while factoring in business needs?
Select one:
a. Framework Implementation Tier
b. Framework Profile
c. Framework Core
d. Framework Policy - ✔✔Framework Profile
Traffic going to a public IP address is being translated by a Next Generation firewall to an
internal server private IP address. Which IP address should the security policy use as the
destination IP in order to allow traffic to the server?
Select one:
a. The server public IP
b. The firewall gateway IP
c. The server private IP
d. The firewall Management port IP - ✔✔The server public IP
Which source address translation type will allow multiple devices to share a single translated
source address while using a single NAT Policy rule on the Next Generation firewall?
Select one:
a. Static IP
b. Dynamic IP
c. Dynamic IP and Port
d. Bi-Directional - ✔✔Dynamic IP and Port
On the Next Generation firewall, if there is a NAT policy - there must also be a security policy.
Select one:
True
False - ✔✔True
Security policy rules on the Next Generation firewall specify a source and a destination interface.
Select one:
True
False - ✔✔False
Which type of interface will allow the firewall to be inserted into an existing topology without
requiring any reallocation of network addresses or redesign on the network topology?
Select one:
a. Virtual Wire
b. Tap
c. Layer 2
d. Layer 3 - ✔✔Virtual Wire
[Show More]