Summer Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Paloalto Networks Apprentice Palo Alto Networks Cybersecurity Apprentice Exam Practice Test

Page: 1 / 12
Total 115 questions

Palo Alto Networks Cybersecurity Apprentice Questions and Answers

Question 1

Which stage of the cyber attack lifecycle is characterized by attackers passing instructions back and forth between infected devices and their own infrastructure?

Options:

A.

Command and Control (C2)

B.

Weaponization and Delivery

C.

Exploitation

D.

Reconnaissance

Question 2

Which components are secured by the cloud provider in a shared responsibility model?

Options:

A.

Virtual machines

B.

On-premises connectivity to hosts

C.

Website authentication

D.

Host servers

Question 3

What does a host-based firewall primarily attempt to prevent?

Options:

A.

Exhaustion of network memory resources

B.

Privilege escalation

C.

Pop-up advertisements

D.

Unauthorized or suspicious network connections

Question 4

What is a result of the Actions on the Objective phase in the cyber attack lifecycle?

Options:

A.

Host sweeps and port scans are performed.

B.

Outbound communication channels are established.

C.

Data is exfiltrated and web property is defaced.

D.

Exploits are launched against a vulnerable application.

Question 5

What is the primary responsibility of the cloud provider in the cloud shared responsibility model?

Options:

A.

Configuring application-level security settings

B.

Securing underlying physical servers and network infrastructure

C.

Providing end-user training on application usage

D.

Monitoring and managing user access and permissions

Question 6

What is a software service that defines user or group identities in software environments and associates permissions?

Options:

A.

IAM

B.

WAN

C.

IKE

D.

DNS

Question 7

What are two components of multi-factor authentication (MFA)? (Choose two.)

Options:

A.

Something you know

B.

Something you observe

C.

Something you have

D.

Something you create

Question 8

Which tunnel protocol is used to secure communications over HTTPS?

Options:

A.

IKE

B.

GRE

C.

SSH

D.

TLS

Question 9

What is an encrypted connection that secures data transmission between devices over the internet?

Options:

A.

WAN

B.

MPLS

C.

CASB

D.

VPN

Question 10

Which pillar should a company focus on first when establishing a new security operations department?

Options:

A.

Technology

B.

Processes

C.

People

D.

Business

Question 11

Which device is an endpoint?

Options:

A.

Smart light bulb

B.

Smart plug

C.

Display monitor

D.

Smart watch

Question 12

Which type of device does a Host-Based Intrusion Detection System (HIDS) monitor?

Options:

A.

Appliance

B.

Computer

C.

Switch

D.

Router

Question 13

Which type of segmentation divides traffic based on the interface on which a packet is received or sent?

Options:

A.

Zone

B.

Port

C.

Application

D.

Role

Question 14

Which stage of the cyber attack lifecycle is characterized by an attacker passing instructions back and forth between infected devices and their own infrastructure?

Options:

A.

Command-and-control (C2)

B.

Exploitation

C.

Reconnaissance

D.

Weaponization and Delivery

Question 15

Which device operates at OSI Layer 2?

Options:

A.

Hub

B.

Switch

C.

Router

D.

Modem

Question 16

A data center needs to secure its infrastructure from network-based threats. Which two technologies will address this need? (Choose two.)

Options:

A.

Next-generation firewall

B.

Intrusion prevention system (IPS)

C.

Intrusion detection system (IDS)

D.

Proxy

Question 17

What is a self-contained operating environment that behaves like a computer separate from the physical host?

Options:

A.

WAN accelerator

B.

Virtual Machine (VM)

C.

Hypervisor

D.

Container

Question 18

What is the purpose of continuous deployment in the CI/CD lifecycle?

Options:

A.

Maintaining a state in which any version of the software can be deployed to a production environment.

B.

Merging code changes into a central repository

C.

Packaging code into a Docker container for deployment

D.

Automatically deploying every change that passes the automated tests to production, minimizing lead time

Question 19

Which two sets of actions are examples of multi-factor authentication (MFA)? (Choose two.)

Options:

A.

Answering a security question and providing a thumbprint

B.

Entering a PIN and scanning a smart card

C.

Scanning the palm of one hand followed by the other hand

D.

Answering three sequential security questions

Question 20

What does DHCP provide to a client?

Options:

A.

Zone

B.

MAC address

C.

IP address

D.

Port range

Question 21

Which device reads information from packets at the application layer of the OSI model to determine if traffic should be forwarded?

Options:

A.

WAN accelerator

B.

Router

C.

Switch

D.

Next-generation firewall

Question 22

Which statement best distinguishes a Host-Based Intrusion Detection System (HIDS) from a Network-Based Intrusion Detection System (NIDS)?

Options:

A.

Network-Based is installed on an individual endpoint to monitor all inbound/outbound traffic of that device.

B.

Host-Based is installed on an individual endpoint to monitor all inbound/outbound traffic of that traffic.

C.

Host-Based directly integrates with the endpoint and is known as the last line of defense.

D.

Network-Based directly integrates with the endpoint and is known as the last line of defense.

Question 23

Which statement describes both stateful firewalls and stateless firewalls?

Options:

A.

Stateful firewalls encrypt all traffic they inspect; stateless firewalls only pass through unencrypted traffic.

B.

Stateful firewalls are primary hardware appliances; stateless firewalls are exclusively software-based.

C.

Stateful firewalls only allow access to internal applications; stateless firewalls allow connections only to the internet.

D.

Stateful firewalls track and secure ongoing connections; stateless firewalls inspect each packet individually.

Question 24

What is responsible for securing web access for managed and unmanaged devices?

Options:

A.

IDS

B.

Cloud workload protection (CWP)

C.

Enterprise browser

D.

VLAN

Question 25

Which statement describes network as a service (NaaS)?

Options:

A.

Cloud-delivered infrastructure service providing network resources on demand

B.

Software application that monitors network performance and security

C.

Traditional model in which enterprises own and manage their physical network infrastructure

D.

Set of protocols used to standardize communication within a LAN

Question 26

What is a purpose of security operations?

Options:

A.

Investigating security events

B.

Tracking assets

C.

Installing endpoint security software

D.

Aligning applications to compliance standards

Question 27

What is the purpose of the IKE protocol?

Options:

A.

To manage IP addresses and assign them to devices

B.

To authenticate users accessing a wireless network

C.

To establish authenticated communication channels

D.

To translate domain names into IP addresses

Question 28

Which metric measures how long it takes a security team to detect a cybersecurity incident?

Options:

A.

MTTR

B.

MTTD

C.

MFA

D.

NAT

Question 29

Which segmentation method will limit the number of devices that can be granted a private IP address in a network?

Options:

A.

NAT

B.

Static routing

C.

IP subnetting

D.

VLAN

Question 30

In which use case would URL filtering be an appropriate solution?

Options:

A.

Redirecting malicious DNS traffic to a sinkhole

B.

Blocking large file transfers over a network

C.

Preventing employees from accessing social media sites during work hours

D.

Encrypting outgoing emails containing confidential information

Question 31

What is a benefit of SD-WAN versus traditional WANs?

Options:

A.

Reliance on multiple different WAN connection types and licenses is removed.

B.

All physical WAN components can be easily removed and replaced without network disruption.

C.

Administrators can deploy WAN connection policies across an entire network at once.

D.

WANs are physically connected and strengthened against electromagnetic interference.

Question 32

Which OSI layer is used to determine how long communications are open between two devices?

Options:

A.

Transport

B.

Application

C.

Session

D.

Network

Question 33

What is the purpose of an API?

Options:

A.

It allows operating systems to redesign themselves.

B.

It allows machine learning models to internally check datagrams.

C.

It allows hardware controls to be modified.

D.

It allows software applications to share data.

Question 34

What is a function of a cloud-native security platform (CNSP)?

Options:

A.

Protecting applications at runtime

B.

Generating cost analysis

C.

Sandboxing ransomware

D.

Executing penetration testing

Page: 1 / 12
Total 115 questions