NEW QUESTION 1
Which TCP/IP sub-protocol operates at the Layer7 of the OSI model?

• A. UDP
• B. MAC
• C. SNMP
• D. NFS

Answer: C

NEW QUESTION 2
Which option describes the “selective network security virtualization” phase of incrementally
transforming data centers?

• A. during the selective network security virtualization phase, all intra-host communication paths are strictly controlled
• B. during the selective network security virtualization phase, all intra-host traffic is forwarded to a Web proxy server
• C. during the selective network security virtualization phase, all intra-host traffic is encapsulated and encrypted using the IPSEC protocol
• D. during the selective network security virtualization phase, all intra-host traffic is load balanced

Answer: A

NEW QUESTION 3
Why is it important to protect East-West traffic within a private cloud?

• A. All traffic contains threats, so enterprises must protect against threats across the entire network
• B. East-West traffic contains more session-oriented traffic than other traffic
• C. East-West traffic contains more threats than other traffic
• D. East-West traffic uses IPv6 which is less secure than IPv4

Answer: A

NEW QUESTION 4
What is the key to “taking down” a botnet?

• A. prevent bots from communicating with the C2
• B. install openvas software on endpoints
• C. use LDAP as a directory service
• D. block Docker engine software on endpoints

Answer: A

NEW QUESTION 5
Which pillar of Prisma Cloud application security addresses ensuring that your cloud resources and SaaS applications are correctly configured?

• A. visibility, governance, and compliance
• B. network protection
• C. dynamic computing
• D. compute security

Answer: A

NEW QUESTION 6
The customer is responsible only for which type of security when using a SaaS application?

• A. physical
• B. platform
• C. data
• D. infrastructure

Answer: C

NEW QUESTION 7
Systems that allow for accelerated incident response through the execution of standardized and automated playbooks that work upon inputs from security technology and other data flows are known as what?

• A. XDR
• B. STEP
• C. SOAR
• D. SIEM

Answer: C

NEW QUESTION 8
Which Palo Alto Networks subscription service complements App-ID by enabling you to configure the next-generation firewall to identify and control access to websites and to protect your organization from websites hosting malware and phishing pages?

• A. Threat Prevention
• B. DNS Security
• C. WildFire
• D. URL Filtering

Answer: D

NEW QUESTION 9
When signature-based antivirus software detects malware, what three things does it do to provide protection? (Choose three.)

• A. decrypt the infected file using base64
• B. alert system administrators
• C. quarantine the infected file
• D. delete the infected file
• E. remove the infected file’s extension

Answer: CDE

NEW QUESTION 10
Which option is an example of a North-South traffic flow?

• A. Lateral movement within a cloud or data center
• B. An internal three-tier application
• C. Client-server interactions that cross the edge perimeter
• D. Traffic between an internal server and internal user

Answer: C

NEW QUESTION 11
Which statement describes DevOps?

• A. DevOps is its own separate team
• B. DevOps is a set of tools that assists the Development and Operations teams throughout the software delivery process
• C. DevOps is a combination of the Development and Operations teams
• D. DevOps is a culture that unites the Development and Operations teams throughout the software delivery process

Answer: B

NEW QUESTION 12
Which tool supercharges security operations center (SOC) efficiency with the world’s most comprehensive operating platform for enterprise security?

• A. Prisma SAAS
• B. WildFire
• C. Cortex XDR
• D. Cortex XSOAR

Answer: D

NEW QUESTION 13
Which attacker profile uses the internet to recruit members to an ideology, to train them, and to spread fear and include panic?

• A. Cybercriminals
• B. state-affiliated groups
• C. hacktivists
• D. cyberterrorists

Answer: D

NEW QUESTION 14
Which key component is used to configure a static route?

• A. router ID
• B. enable setting
• C. routing protocol
• D. next hop IP address

Answer: D

NEW QUESTION 15
Which product from Palo Alto Networks enables organizations to prevent successful cyberattacks as well as simplify and strengthen security processes?

• A. Expedition
• B. AutoFocus
• C. MineMeld
• D. Cortex XDR

Answer: D

NEW QUESTION 16
What is the primary security focus after consolidating data center hypervisor hosts within trust levels?

• A. control and protect inter-host traffic using routers configured to use the Border Gateway Protocol (BGP) dynamic routing protocol
• B. control and protect inter-host traffic by exporting all your traffic logs to a sysvol log server using the User Datagram Protocol (UDP)
• C. control and protect inter-host traffic by using IPv4 addressing
• D. control and protect inter-host traffic using physical network security appliances

Answer: D

NEW QUESTION 17
Which network analysis tool can be used to record packet captures?

• A. Smart IP Scanner
• B. Wireshark
• C. Angry IP Scanner
• D. Netman

Answer: B

NEW QUESTION 18
Which subnet does the host 192.168.19.36/27 belong?

• A. 192.168.19.0
• B. 192.168.19.16
• C. 192.168.19.64
• D. 192.168.19.32

Answer: D

NEW QUESTION 19
Which item accurately describes a security weakness that is caused by implementing a “ports first” data security solution in a traditional data center?

• A. You may have to use port numbers greater than 1024 for your business-critical applications.
• B. You may have to open up multiple ports and these ports could also be used to gain unauthorized entry into your datacenter.
• C. You may not be able to assign the correct port to your business-critical applications.
• D. You may not be able to open up enough ports for your business-critical applications which will increase the attack surface area.

Answer: B

NEW QUESTION 20
SecOps consists of interfaces, visibility, technology, and which other three elements?
(Choose three.)

• A. People
• B. Accessibility
• C. Processes
• D. Understanding
• E. Business

Answer: ACE

NEW QUESTION 21
......