Palo Alto Exam Study Questions

Document Content and Description Below

Palo Alto Exam Study Questions Which role in the Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations ensures that an effective program is established ... and implemented for the organization by establishing expectations and requirements for the organizations's ISCM program; working closely with authorizing officials to provide funding, personnel, and other resources to support ISCM; and maintaining high-level communications and working group relationships among organizational entities? Select one: a. Authorizing Official (AO) b. Senior Information Security Officer (SISO) c. Chief Information Officer (CIO) d. Head of Agency (HOA) - ✔✔CIO In the Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations, which Tier ensures that all system-level security controls (technical, operational, and management) are implemented correctly, operate as intended, produce the desired outcome with respect to meeting the security requirements for the system, and continue to be effective over time? Select one: a. Tier 2 - Mission/Business Process b. Tier 1 - Organization c. Tier 3 - Information Systems d. Tier 4 - System Authorization - ✔✔Tier 3 Which is the correct order for the Risk Management Framework (RMF) structured process in the Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations System? Select one: a. Categorize, Select, Implement, Assess, Authorize, Monitor b. Select, Categorize, Implement, Assess, Authorize, Monitor c. Categorize, Select, Implement, Authorize, Assess, Monitor d. Monitor, Select, Implement, Assess, Authorize, Categorize - ✔✔a Which type of social engineering attack involves hackers who impersonate IT service people and who spam call as many direct numbers that belong to a company as they can find? These attackers offer IT assistance to each and every one of their victims. Select one: a. Pretexting b. Quid Pro Quo c. Baiting d. Phishing - ✔✔Quid Pro Quo Which Palo Alto Networks Next Generation Firewall URL Category Action sends a response page to the user's browser that prompts the user for the administrator-defined override password, and logs the action to the URL Filtering log? Select one: a. override b. continue c. block d. alert - ✔✔override Which Next Generation Firewall URL filter setting is used to prevent users who use the Google, Yahoo, Bing, Yandex, or YouTube search engines from viewing search results unless their browser is configured with the strict safe search option. Select one: a. User Credential Detection b. Log Container Page Only c. Safe Search Enforcement d. HTTP Header Logging - ✔✔c A "continue" action can be configured on the following security profiles in the Next Generation firewall: Select one: a. URL Filtering, File Blocking, and Data Filtering b. URL Filtering c. URL Filtering and File Blocking d. URL Filtering and Antivirus - ✔✔c Which URL filtering security profile action logs the category to the URL filtering log? Select one: a. Default b. Alert c. Allow d. Log - ✔✔Alert Which is the correct URL matching order on a Palo Alto Networks Next Generation Firewall? Select one: a. Allow, Block, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PANDB Cloud b. Block, Allow, External Dynamic, Custom URL, PAN-DB Cache, PAN-DB Download, PANDB Cloud c. Block, Allow, Custom URL, External Dynamic, PAN-DB Download, PAN-DB Cloud, PANDB Cache d. Block, Allow, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PANDB Cloud - ✔✔d Which web development program is an object-oriented, class-based and concurrent language that was developed by Sun Microsystems in the 1990s? Select one: a. Java b. Python c. PHP d. Ruby - ✔✔Java On the Next Generation firewall, what type of security profile detects infected files being transferred with the application? Select one: a. URL Filtering b. Anti-Virus c. File Blocking d. Vulnerability Protection e. WildFire Analysis - ✔✔Anti-Virus What is the benefit of enabling the "passive DNS monitoring" checkbox on the Next Generation firewall? Select one or more: a. Improved DNS based command and control signatures b. Improved PAN DB malware detection c. Improved malware detection in Wildfire d. Improved anti-virus detection - ✔✔a b c To properly configure DOS protection to limit the number of sessions individually from specific source IPS you would configure a DOS Protection rule with the following characteristics: Select one: a. Action: Protect, Aggregate Profile with "Resources Protection" configured b. Action: Deny, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured c. Action: Protect, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured d. Action: Deny, Aggregate Profile with "Resources Protection" configured - ✔✔c Which NIST Access Control Primitive permits the subject to perform an action on an object? Select one: a. Privilege b. Action c. Capability d. Object - ✔✔Action Which PEN testing methodology is Open Source and tests the operational security of physical locations, workflow, human security testing, physical security testing, wireless security testing, telecommunication security testing, data networks security testing and compliance? Select one: a. OSSTMM b. ISSAF c. PCI DSS d. PTES - ✔✔OSSTMM Which security testing technical assessment technique can identify systems, ports, services, and potential vulnerabilities, and may be performed manually but are generally performed using automated tools? They include network discovery, network port and service identification, vulnerability scanning, wireless scanning, and application security examination. Select one: a. Vulnerability Assessment b. Target Identification and Analysis c. Review d. Target Vulnerability Validation - ✔✔Target Identification and Analysis Which color of the Traffic Light Protocol (TLP) indicates that information requires support to be acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved? Select one: a. Green b. White c. Red d. Ambe - ✔✔Amber On the Next Generation firewall, application groups are always automatically updated when new applications are added to the App-ID database. Select one: True False - ✔✔False Overt security testing, also known as white hat testing, involves performing external and/or internal testing with the knowledge and consent of the organization's IT staff, enabling comprehensive evaluation of the network or system security posture. Select one: True False - ✔✔True When using config audit to compare configuration files on a Next Generation firewall, what does the yellow indication reveal? Select one: a. None b. Change c. Deletion d. Addition - ✔✔Change Which NGFW security policy rule applies to all matching traffic within the specified source zones? Select one: a. Universal b. Intrazone c. Interzone d. Default - ✔✔Intrazone What two interface types on the Next Generation firewall provide support for Network Address Translation? Select one or more: a. Tap b. Layer2 c. Virtual Wire d. HA e. Layer 3 - ✔✔c e What should be configured as the destination zone on the original packet tab of the NAT Policy rule in the Next Generation firewall? Select one: a. Trust-L3 b. Any c. Untrust-L3 d. DMZ-L3 - ✔✔Untrust-L3 Which is the correct order for the NIST Cybersecurity Framework process? Select one: a. Identify, Protect, Detect, Respond, Recover b. Identify, Detect, Protect, Respond, Recover c. Detect, Identify, Protect, Respond, Recover d. Identify, Protect, Detect, Recover, Respond - ✔✔a Which NIST Cybersecurity Framework component supports prioritization and measurement while factoring in business needs? Select one: a. Framework Implementation Tier b. Framework Profile c. Framework Core d. Framework Policy - ✔✔Framework Profile Traffic going to a public IP address is being translated by a Next Generation firewall to an internal server private IP address. Which IP address should the security policy use as the destination IP in order to allow traffic to the server? Select one: a. The server public IP b. The firewall gateway IP c. The server private IP d. The firewall Management port IP - ✔✔The server public IP Which source address translation type will allow multiple devices to share a single translated source address while using a single NAT Policy rule on the Next Generation firewall? Select one: a. Static IP b. Dynamic IP c. Dynamic IP and Port d. Bi-Directional - ✔✔Dynamic IP and Port On the Next Generation firewall, if there is a NAT policy - there must also be a security policy. Select one: True False - ✔✔True Security policy rules on the Next Generation firewall specify a source and a destination interface. Select one: True False - ✔✔False Which type of interface will allow the firewall to be inserted into an existing topology without requiring any reallocation of network addresses or redesign on the network topology? Select one: a. Virtual Wire b. Tap c. Layer 2 d. Layer 3 - ✔✔Virtual Wire [Show More]

Last updated: 2 years ago

Preview 1 out of 13 pages