Palo Alto Networks Certified Cybersecurity Entry-level Technician PCCET Exam Questions

Page: 1 / 14
Total 158 questions
Question 1

Why is it important to protect East-West traffic within a private cloud?



Answer : A

East-West traffic is the lateral movement of data packets between servers within a data center, or across private and public clouds1.This type of traffic has grown substantially with the proliferation of data centers and cloud adoption, and it now surpasses the conventional North-South traffic that goes in or out of the network2.Therefore, it is important to protect East-West traffic from potential malicious actors and breaches, as threats can arise internally and move laterally without ever touching the traditional network perimeter12.By inspecting and monitoring all East-West traffic, organizations can effectively block the lateral movement of threat actors, increase network visibility, protect vital applications and data, and lower costs and risks for distributed operations23.Reference:

East-West Traffic: Everything You Need to Know | Gigamon Blog

What is East-West Security? | VMware Glossary

How to Harness East-West Visibility for a Stronger Defensive Security ...


Question 2

Which NGFW feature is used to provide continuous identification, categorization, and control of known and previously unknown SaaS applications?



Answer : C

App-ID technology leverages the power of the broad global community to provide continuous identification, categorization, and granular risk-based control of known and previously unknown SaaS applications, ensuring new applications are discovered automatically as they become popular.


Question 3

Under which category does an application that is approved by the IT department, such as Office 365, fall?



Answer : D

A sanctioned application is an application that is approved by the IT department and meets the security and compliance requirements of the organization. Sanctioned applications are allowed to access the organization's network and data and are monitored and protected by the IT department. Examples of sanctioned applications are Office 365, Salesforce, and Zoom. Sanctioned applications are different from unsanctioned, prohibited, and tolerated applications, which are not approved by the IT department and may pose security risks to the organization. Unsanctioned applications are applications that are used by the employees without the IT department's knowledge or consent, such as Dropbox, Gmail, or Facebook. Prohibited applications are applications that are explicitly forbidden by the IT department, such as BitTorrent, Tor, or malware. Tolerated applications are applications that are not approved by the IT department, but are not blocked or restricted, such as Skype, Spotify, or YouTube.Reference:Palo Alto Networks Certified Cybersecurity Entry-level Technician (PCCET),Cloud Security Fundamentals - Module 4: Cloud Security Best Practices,Application Visibility and Control


Question 4

Which Palo Alto Networks subscription service complements App-ID by enabling you to configure the next- generation firewall to identify and control access to websites and to protect your organization from websites hosting malware and phishing pages?



Answer : D

The URL Filtering service complements App-ID by enabling you to configure the next-generation firewall to identify and control access to websites and to protect your organization from websites that host malware and phishing pages.


Question 5

Anthem server breaches disclosed Personally Identifiable Information (PII) from a number of its servers. The infiltration by hackers was attributed to which type of vulnerability?



Answer : D

The Anthem data breach of 2015 was caused by a phishing scheme that captured a database administrator's password. According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), hackers sent phishing emails to an Anthem subsidiary. At least one employee responded.Attackers were able to plant malware on the company's system and gain remote access to confidential information1.The breach exposed the electronic protected health information of almost 79 million people, including names, Social Security numbers, medical identification numbers, addresses, dates of birth, email addresses, and employment information2.Reference:

Anthem Pays OCR $16 Million in Record HIPAA Settlement Following Largest U.S. Health Data Breach

How Anthem Data Breach Exposed Personnel Records - IDStrong


Question 6

Which core component is used to implement a Zero Trust architecture?



Answer : C

'Remember that a trust zone is not intended to be a ''pocket of trust'' where systems (and therefore threats) within the zone can communicate freely and directly with each other. For a full Zero Trust implementation, the network would be configured to ensure that all communications traffic, including traffic between devices in the same zone, is intermediated by the corresponding Zero Trust Segmentation Platform.'


Question 7

Which type of Wi-Fi attack depends on the victim initiating the connection?



Answer : A

An evil twin is a type of Wi-Fi attack that involves setting up a fake malicious Wi-Fi hotspot with the same name as a legitimate network to trick users into connecting to it. The attacker can then intercept the user's data, such as passwords, credit card numbers, or personal information. The victim initiates the connection by choosing the fake network from the list of available Wi-Fi networks, thinking it is the real one. The attacker can also use a deauthentication attack to disconnect the user from the legitimate network and force them to reconnect to the fake one.Reference:

Types of Wi-Fi Attacks You Need to Guard Your Business Against - TechGenix

Types of Wireless and Mobile Device Attacks - GeeksforGeeks

The 5 most dangerous Wi-Fi attacks, and how to fight them

What are Wi-Fi Attacks & How to Fight - Tech Resider


Page:    1 / 14   
Total 158 questions