Palo Alto Networks PCCP Palo Alto Certified Cybersecurity Practitioner (PCCP) Exam Practice Test

Page: 1 / 7
Total 70 questions

Palo Alto Certified Cybersecurity Practitioner (PCCP) Questions and Answers

Question 1

When does a TLS handshake occur?

Options:

A. Before establishing a TCP connection
B. Only during DNS over HTTPS queries
C. After a TCP handshake has been established
D. Independently of HTTPS communications

Question 2

Which next-generation firewall (NGFW) deployment option provides full application visibility into Kubernetes environments?

Options:

A. Virtual
B. Container
C. Physical
D. SASE

Question 3

What is required for an effective Attack Surface Management (ASM) process?

Options:

A. Real-time data rich inventory
B. Static inventory of assets
C. Periodic manual monitoring
D. Isolation of assets by default

Question 4

Which type of system collects data and uses correlation rules to trigger alarms?

Options:

A. SIM
B. SIEM
C. UEBA
D. SOAR

Question 5

Which term describes establishment of on-premises software on a cloud-based server?

Options:

A. Serverless
B. Dockers
C. Cloud-hosted
D. Kubernetes

Question 6

What is a function of SSL/TLS decryption?

Options:

A. It applies to unknown threat detection only.
B. It reveals malware within web-based traffic.
C. It protects users from social engineering.
D. It identifies IoT devices on the internet.

Question 7

What are two limitations of signature-based anti-malware software? (Choose two.)

Options:

A. It is unable to detect polymorphic malware.
B. It requires samples to be buffered.
C. It uses a static file for comparing potential threats.
D. It only uses packet header information.

Question 8

An administrator finds multiple gambling websites in the network traffic log.

What can be created to dynamically block these websites?

Options:

A. URL category
B. Custom signatures
C. Decryption policy
D. Application group

Question 9

What type of attack redirects the traffic of a legitimate website to a fake website?

Options:

A. Watering hole
B. Pharming
C. Spear phishing
D. Whaling

Question 10

Which component of cloud security is used to identify misconfigurations during the development process?

Options:

A. Container security
B. SaaS security
C. Code security
D. Network security

Question 11

Which feature of cloud-native security platforms (CNSPs) focuses on protecting virtual machine (VM), container, and serverless deployments against application-level attacks during runtime?

Options:

A. Workload security
B. Data security
C. Asset inventory
D. Configuration assessment

Question 12

Which type of attack includes exfiltration of data as a primary objective?

Options:

A. Advanced persistent threat
B. Denial-of-service (DoS)
C. Watering hole attack
D. Cross-Site Scripting (XSS)

Question 13

Which two workflows are improved by integrating SIEMs with other security solutions? (Choose two.)

Options:

A. Hardware procurement
B. Log normalization
C. Initial security team training
D. Incident response

Question 14

Which of the Cloud-Delivered Security Services (CDSS) will detect zero-day malware by using inline cloud machine learning (ML) and sandboxing?

Options:

A. DNS security
B. Advanced WildFire
C. IoT security
D. Advanced Threat Prevention

Question 15

Which type of firewall should be implemented when a company headquarters is required to have redundant power and high processing power?

Options:

A. Cloud
B. Physical
C. Virtual
D. Containerized

Question 16

Which endpoint protection security option can prevent malware from executing software?

Options:

A. Application allow list
B. DNS Security
C. URL filtering
D. Dynamic access control

Question 17

What are two functions of an active monitoring system? (Choose two.)

Options:

A. Preventing specific changes from being affected in the system
B. Determining system health using unaltered system data
C. Detecting micro-services in a default configuration
D. Using probes to establish potential load issues

Question 18

What is a reason IoT devices are more susceptible to command-and-control (C2) attacks?

Options:

A. Decreased connection quality within a local area network
B. Increased sharing of data through the internet
C. Higher attack surface due to mobility
D. Limited battery life preventing always-on security

Question 19

What is a dependency for the functionality of signature-based malware detection?

Options:

A. Frequent database updates
B. Support of a DLP device
C. API integration with a sandbox
D. Enabling quality of service

Question 20

Which tool automates remediation of a confirmed cybersecurity breach?

Options:

A. SIEM
B. EDR
C. SOAR
D. ISIM

Question 21

Which characteristic of advanced malware makes it difficult to detect?

Options:

A. Data decompression
B. Registered certificates
C. Morphing code
D. Low traffic volumes
