PCCSA.prepaway.premium.exam.
50q
Number: PCCSA
Passing Score: 800
Time Limit: 120 min
File Version: 1.0
PCCSA
Palo Alto Networks Certified Cybersecurity Associate
Version 1.0
Exam A
QUESTION 1
Which type of adversary would commit cybercrimes with the authorization of their country’s government?
A. state-sponsored
B. hacktivist
C. gray hat
D. white hat
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
When a company chooses to deploy a branch location with antivirus software, which risk model are they using
to manage risk?
A. limiting
B. assuming
C. transferring
D. avoiding
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 3
Which option describes a characteristic of a distributed denial-of-service attack?
A. uses multiple types of malware to corrupt system services
B. uses a single remote host to delete data from multiple target servers
C. uses a single remote host to flood a target network with traffic
D. uses a botnet to flood traffic to a target network
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 4
What is a component of a public key infrastructure?
A. Key Distribution Center
B. KDC ticket
C. SSH key
D. certificate authority
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 5
From which resource can a Palo Alto Networks firewall get URL category information for URLs whose
categories cannot be found on the firewall?
A. App-ID database
B. WildFire
C. PDF file
D. PAN-DB database
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 6
What does a hypervisor enable?
A. high-speed searching of already aggregated security log files
B. high-speed aggregation and viewing of security log files
C. multiple physical machines to be configured into a high-performance cluster
D. multiple guest operating systems to run on a single physical machine
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 7
DRAG DROP
Match the Palo Alto Networks WildFire analysis verdict with its definition.
Select and Place:
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.paloaltonetworks.com/wildfire/8-0/wildfire-admin/wildfire-overview/wildfire-concepts/verdicts
QUESTION 8
Identify a weakness of a perimeter-based network security strategy to protect an organization’s endpoint
systems.
A. It cannot identify command-and-control traffic.
B. It cannot monitor all potential network ports.
C. It assumes that all internal devices are untrusted.
D. It assumes that every internal endpoint can be trusted.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 9
DRAG DROP
Match each option with the term it describes.
Select and Place:
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
QUESTION 10
Which type of security device uses a single-pass, parallel processor hardware architecture to accelerate
content inspection?
A. unified threat management
B. stateless firewalls
C. next-generation firewall
D. PoS-based firewall
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 11
Which well-known port is associated with the Simple Mail Transfer Protocol?
A. 143
B. 25
C. 997
D. 40
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 12
DRAG DROP
Match the common TCP/IP protocol with its corresponding port(s).
Select and Place:
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
QUESTION 13
To which type of organization does the PCI DSS apply?
A. any organization that accepts, transmits, or stores any cardholder data
B. organizations that only accept cardholder data regardless of size or number of transactions
C. only organizations larger than 100 employees that accept, transmit, or store any cardholder data
D. organizations that only transmit data regardless of size or number of transactions
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 14
DRAG DROP
Match the task for server settings in group mapping with its order in the process.
Select and Place:
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
QUESTION 15
Which mobile device management feature prevents jailbreaking or rooting?
A. software distribution
B. malware protection
C. policy enforcement
D. data loss prevention
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 16
DRAG DROP
Match the tool to its capability.
Select and Place:
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
QUESTION 17
Which device would an Evil Twin attack use to lure the victim to connect to the attack surface network?
A. switch
B. firewall
C. router
D. access point
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 18
What are two methods to securely transmit personally identifiable information? (Choose two.)
A. data checksumming
B. data fragmentation
C. data encryption
D. encrypted tunnels
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 19
What is the primary purpose of using encryption as part of your network data security architecture?
A. authorization
B. confidentiality
C. integrity
D. authentication
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 20
Which security component should be used to prevent a malware attack delivered by USB drive?
A. endpoint security
B. password security
C. physical security
D. firewall security
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 21
DRAG DROP
Match each type of breach to its consequence.
Select and Place:
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
QUESTION 22
A firewall located on an organization’s network perimeter can be used to protect against which type of attack?
A. a malicious SaaS application file accessed from an unmanaged mobile phone
B. ransomware installed from an infected USB drive
C. malware installed on the laptop by a disgruntled employee
D. a malicious PDF file located on an internet website
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 23
Which Palo Alto Networks tool is used to prevent endpoint systems from running malware executables such as
viruses, trojans and rootkits?
A. AutoFocus
B. Traps
C. Expedition
D. App-ID
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 24
Which protocol converts voice into a digital signal?
A. IVO
B. VoIP
C. SNMP
D. IGMP
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 25
Which security component should you configure to block viruses not seen and blocked by the perimeter
firewall?
A. strong endpoint passwords
B. endpoint disk encryption
C. endpoint antivirus software
D. endpoint NIC ACLs
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 26
Which Palo Alto Networks product or feature includes machine learning to enhance security?
A. Panorama
B. MineMeld
C. Magnifier
D. User-ID
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 27
Which type of attack floods a target with ICMP requests?
A. route table poisoning
B. reconnaissance
C. IP spoofing
D. denial-of-service
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 28
Which type of attack floods a target with TCP SYN requests?
A. route table poisoning
B. reconnaissance
C. denial-of-service
D. IP spoofing
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 29
Which two components are part of a next-generation firewall security policy? (Choose two.)
A. role-based access controls
B. user identification
C. content identification
D. file permissions
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 30
Which type of malware is self-replicating but must first infect a host program and be executed by a user or
process?
A. vulnerability
B. worm
C. exploit
D. virus
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 31
You discover malware has corrupted the BIOS on your laptop. Which type of malware is this?
A. bootkit
B. exploit
C. rootkit
D. vulnerability
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 32
Which data security compliance standard is used to protect cardholder data wherever it is processed, stored,
or transmitted?
A. Property Card Industry
B. Payment Card Industry
C. Personal Card Industry
D. Payment Club Industry
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 33
What does Palo Alto Networks Traps do first when an endpoint is asked to run an executable?
A. send the executable to WildFire
B. run a static analysis
C. run a dynamic analysis
D. check its execution policy
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 34
What is the function of a hashing protocol?
A. encrypts data with encapsulation
B. establishes an unencrypted tunnel
C. establishes a secure tunnel
D. provides data integrity
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 35
Which two items operate at the network layer in the OSI network model? (Choose two.)
A. IP address
B. router
C. switch
D. MAC address
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 36
In which type of cloud computing service does an organization own and control application data, but not the
application?
A. platform as a service
B. computing as a service
C. infrastructure as a service
D. software as a service
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 37
You discover an infected email attachment that contains software code that attacks a known vulnerability in a
popular social networking application. This type of software code belongs to which type of malware category?
A. social engineering
B. virus
C. pharming
D. exploit
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 38
What is an example of a distance-vector routing protocol?
A. OSPF
B. BGP
C. RIP
D. IGRP
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 39
Which type of firewall monitors traffic streams from beginning to end?
A. circuit-level gateway
B. stateless
C. stateful
D. packet filter
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 40
Which option lists the correct sequence of a TCP three-way handshake?
A. SYN, ACK, SYN
B. SYN, SYN+ACK, ACK
C. SYN, ACK, FIN
D. SYN, SYN+ACK, FIN
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 41
Which two types of SaaS applications are allowed by an IT department? (Choose two.)
A. tolerated
B. certified
C. sanctioned
D. unsanctioned
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Reference: https://www.paloaltonetworks.com/cyberpedia/saas-security
QUESTION 42
Which network method securely connects two sites across a public network?
A. VPN
B. VLAN
C. switch
D. router
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 43
Review the exhibit and identify the type of vulnerability or attack that is commonly used against this technology.
A. phishing
B. denial-of-service
C. code-injection
D. password cracking
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 44
When accessing an intranet website, a certificate error is received. What can be done to move past the
certificate error and ensure that the error is not received the next time the website is accessed?
A. install the website certificate into the web browser
B. request trusted access from the web developer
C. enable TLS 2.0 in the advanced options of the web browser
D. trust the web developer for the application
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 45
Assume that it is your responsibility to secure the software functioning at all layers in the exhibit.
Which cloud service model type is represented?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. on-premises
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 46
Which security principle describes the practice of giving users the minimum rights to access the resources
necessary to do their jobs?
A. known privilege
B. least privilege
C. user privilege
D. lowest privilege
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 47
An attacker emails malicious URL links to 50,000 email addresses. The email states that users can click the
link to view the latest celebrity news, but the link also secretly infects the user’s laptop. This scenario describes
which type of attack?
A. whaling
B. phishing
C. drive-by download
D. pharming
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 48
Company policy allows employees to access the internet. While searching for office supplies on the internet, a
corporate user mistypes a URL, connects to a malicious website, and unknowingly downloads malware.
Which action should have been taken to prevent the malware download but still allow user access to the
internet?
A. deploy a firewall with content filtering capabilities on the corporate perimeter
B. allow only encrypted HTTPS access to the internet
C. configure digital certificates for all users to authenticate internet downloads
D. permit web connections only to TCP port 443
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 49
What method can be used to guarantee that a document originates from you and no one else?
A. public key encryption, encrypting the document with the private key and making the public key available to
others
B. symmetric encryption, encrypting the document with the secret key and making a different secret key
available to others
C. symmetric encryption, encrypting the document with the secret key and making the same secret key
available to others
D. public key encryption, encrypting the document with the private key and making the private key available to
others
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 50
Which type of cloud computing deployment makes resources exclusively available to members of a single
organization?
A. local
B. private
C. hybrid
D. public
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference: