Palo Alto Networks PCCET Exam Questions Instant Access

Question 1

In an IDS/IPS, which type of alarm occurs when legitimate traffic is improperly identified as malicious traffic?

AFalse-positive

BTrue-negative

CFalse-negative

DTrue-positive

Answer : A

In anti-malware, a false positive incorrectly identifies a legitimate file or application as malware. A false negative incorrectly identifies malware as a legitimate file or application. In intrusion detection, a false positive incorrectly identifies legitimate traffic as a threat, and a false negative incorrectly identifies a threat as legitimate traffic.

Question 2

Which IoT connectivity technology is provided by satellites?

A4G/LTE

BVLF

CL-band

D2G/2.5G

Answer : C

2G/2.5G: 2G connectivity remains a prevalent and viable IoT connectivity option due

to the low cost of 2G modules, relatively long battery life, and large installed base of

2G sensors and M2M applications.

3G: IoT devices with 3G modules use either Wideband Code Division Multiple Access

(W-CDMA) or Evolved High Speed Packet Access (HSPA+ and Advanced HSPA+) to

achieve data transfer rates of 384Kbps to 168Mbps.

4G/Long-Term Evolution (LTE): 4G/LTE networks enable real-time IoT use cases, such

as autonomous vehicles, with 4G LTE Advanced Pro delivering speeds in excess of

3Gbps and less than 2 milliseconds of latency.

5G: 5G cellular technology provides significant enhancements compared to 4G/LTE

networks and is backed by ultra-low latency, massive connectivity and scalability for

IoT devices, more efficient use of the licensed spectrum, and network slicing for

application traffic prioritization.

Question 3

A user is provided access over the internet to an application running on a cloud infrastructure. The servers, databases, and code of that application are hosted and maintained by the vendor.

Which NIST cloud service model is this?

AIaaS

BSaaS

CPaaS

DCaaS

Answer : B

According to the NIST definition of cloud computing1, there are three service models for cloud computing: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). In the SaaS model, the cloud provider delivers the software applications over the internet, and the users access them from various devices through a web browser or a program interface. The cloud provider manages the underlying infrastructure, including the servers, databases, and code of the applications. The users do not need to install, update, or maintain the software, and they only pay for the service they use. The scenario described in the question is an example of the SaaS model, as the user is provided access over the internet to an application running on a cloud infrastructure, and the vendor hosts and maintains the servers, databases, and code of that application.Reference:

SP 800-145, The NIST Definition of Cloud Computing | CSRC

Final Version of NIST Cloud Computing Definition Published

NIST Cloud Computing Program - NCCP | NIST

SaaS - User responsible for only the data, vendor responsible for rest

Question 4

Which organizational function is responsible for security automation and eventual vetting of the solution to help ensure consistency through machine-driven responses to security issues?

ANetOps

BSecOps

CSecDevOps

DDevOps

Answer : B

SecOps is the organizational function that is responsible for security automation and eventual vetting of the solution to help ensure consistency through machine-driven responses to security issues. SecOps is a collaboration between security and operations teams that aims to align their goals, processes, and tools to improve security posture and efficiency. SecOps can leverage automation to simplify and accelerate security tasks, such as threat detection, incident response, vulnerability management, compliance enforcement, and more. Security automation can also reduce human errors, enhance scalability, and free up resources for more strategic initiatives.Reference:

SecOpsfrom Palo Alto Networks

What is security automation?from Red Hat

What is Security Automation?from Check Point Software

Question 5

Which TCP/IP sub-protocol operates at the Layer7 of the OSI model?

AUDP

BMAC

CSNMP

DNFS

Answer : C

Application (Layer 7 or L7): This layer identifies and establishes availability of communication partners, determines resource availability, and synchronizes communication.

Presentation (Layer 6 or L6): This layer provides coding and conversion functions (such as data representation, character conversion, data compression, and data encryption) to ensure that data sent from the Application layer of one system is compatible with the Application layer of the receiving system.

Session (Layer 5 or L5): This layer manages communication sessions (service requests and service responses) between networked systems, including connection establishment, data transfer, and connection release.

Transport (Layer 4 or L4): This layer provides transparent, reliable data transport and

end-to-end transmission control.

Question 6

The seventy of an attack needs to be escalated.

What needs to be in place in order for the security operations team to properly inform various units within the enterprise of the issue?

AInterface Agreement

BFAO Incident Site ---

CCorporate Executive Listserv

DSecurity Breach Blog

Answer : A

Question 7

What does SOAR technology use to automate and coordinate workflows?

Aalgorithms

BCloud Access Security Broker

CSecurity Incident and Event Management

Dplaybooks

Answer : D

SOAR tools ingest aggregated alerts from detection sources (such as SIEMs, network security tools, and mailboxes) before executing automatable, process-driven playbooks to enrich and respond to these alerts.

Palo Alto Networks Certified Cybersecurity Entry-level Technician PCCET Exam Questions