NEW QUESTION 1
Which two items operate at the network layer in the OSI network model? (Choose two.)

• A. IP address
• B. router
• C. switch
• D. MAC address

Answer: AB

NEW QUESTION 2
A firewall located on an organization’s network perimeter can be used to protect against which type of attack?

• A. a malicious SaaS application file accessed from an unmanaged mobile phone
• B. ransomware installed from an infected USB drive
• C. malware installed on the laptop by a disgruntled employee
• D. a malicious PDF file located on an internet website

Answer: D

NEW QUESTION 3
Which type of adversary would commit cybercrimes with the authorization of their country’s government?

• A. state-sponsored
• B. hacktivist
• C. gray hat
• D. white hat

Answer: A

NEW QUESTION 4
You discover an infected email attachment that contains software code that attacks a known vulnerability in a popular social networking application. This type of software code belongs to which type of malware category?

• A. social engineering
• B. virus
• C. pharming
• D. exploit

Answer: D

NEW QUESTION 5
What is a component of a public key infrastructure?

• A. Key Distribution Center
• B. KDC ticket
• C. SSH key
• D. certificate authority

Answer: D

NEW QUESTION 6
Which option lists the correct sequence of a TCP three-way handshake?

• A. SYN, ACK, SYN
• B. SYN, SYN+ACK, ACK
• C. SYN, ACK, FIN
• D. SYN, SYN+ACK, FIN

Answer: B

NEW QUESTION 7
What does Palo Alto Networks Traps do first when an endpoint is asked to run an executable?

• A. send the executable to WildFire
• B. run a static analysis
• C. run a dynamic analysis
• D. check its execution policy

Answer: D

NEW QUESTION 8
When accessing an intranet website, a certificate error is received. What can be done to move past the certificate error and ensure that the error is not received the next time the website is accessed?

• A. install the website certificate into the web browser
• B. request trusted access from the web developer
• C. enable TLS 2.0 in the advanced options of the web browser
• D. trust the web developer for the application

Answer: A

NEW QUESTION 9
Which type of security device uses a single-pass, parallel processor hardware architecture to accelerate content inspection?

• A. unified threat management
• B. stateless firewalls
• C. next-generation firewall
• D. PoS-based firewall

Answer: C

NEW QUESTION 10
Match the Palo Alto Networks Wild Fire analysis verdict with its definition.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Benign – does not exhibit a malicious behavior Grayware – does not pose a direct security threat
Malware – malicious in the intent and can pose a security threat References:

NEW QUESTION 11
Which data security compliance standard is used to protect card holder data wherever it is processed, stored, or transmitted?

• A. Property Card Industry
• B. Payment Card Industry
• C. Personal Card Industry
• D. Payment Club Industry

Answer: B

NEW QUESTION 12
Match the tool to its capability.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Nmap – port scanner
Nessus – vulnerability scanner Wireshark – network analyzer

NEW QUESTION 13
Match the task for server settings in group mapping with its order in the process.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Native – Requires the installation of an OS Hosted – Requires the installation of an OS
Bare-metal – Does not require installation of an OS Type 1 – Does not require installation of an OS

NEW QUESTION 14
Which security component should be used to prevent a malware attack delivered by USB drive?

• A. endpoint security
• B. password security
• C. physical security
• D. firewall security

Answer: C

NEW QUESTION 15
Which Palo Alto Networks product or feature includes machine learning to enhance security?

• A. Panorama
• B. MineMeld
• C. Magnifier
• D. User-ID

Answer: C

NEW QUESTION 16
What are two methods to securely transmit personally identifiable information? (Choose two.)

• A. data checksumming
• B. data fragmentation
• C. data encryption
• D. encrypted tunnels

Answer: CD

NEW QUESTION 17
Which two types of SaaS applications are allowed by an IT department? (Choose two.)

• A. tolerated
• B. certified
• C. sanctioned
• D. unsanctioned

Answer: AC

NEW QUESTION 18
Match each option with the term it describes.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Public-cloud computing Public-cloud computing Virtualization Virtualization

NEW QUESTION 19
Which type of attack floods a target with TCP SYN requests?

• A. route table poisoning
• B. reconaissance
• C. denial-of-service
• D. IP spoofing

Answer: C

NEW QUESTION 20
Which Palo Alto Networks tool is used to prevent endpoint systems from running malware executables such as viruses, trojans and rootkits?

• A. AutoFocus
• B. Traps
• C. Expedition
• D. App-ID

Answer: B

NEW QUESTION 21
......