An organization can be compliant with all applicable security and privacy regulations for its industry, yet still not be secure.

The Cyber-Attack Lifecycle is a five-step process that an attacker goes through to attack a network.

An attacker needs to succeed in executing only one step of the Cyber-Attack Lifecycle to infiltrate a network, whereas a defender must “be right every time” and break every step of the chain to prevent an attack.

Which technique is not used to break the command-andcontrol (C&C) phase of the Cyber-Attack Lifecycle?

The key to breaking the Cyber-Attack Lifecycle during the Installation phase is to implement network segmentation, a Zero Trust model, and granular control of applications to limit or restrict an attacker’s lateral movement within the network.

Network firewalls cannot completely protect hosts from zeroday exploits.

Which option describes malicious software or code that typically takes control of, collects information from, or damages an infected endpoint?

Which option is an important characteristic or capability of advanced malware?

A vulnerability is a small piece of software code, part of a malformed data file, or a sequence (string) of commands created by an attacker to cause unintended or unanticipated behavior in a system or software.

New exploits can be crafted from any number of more than a thousand core exploit techniques.

Wired Equivalent Privacy (WEP) is an effective protocol for securing wireless networks.

Which option is an example of a static routing protocol?

The U.S. law that establishes national standards to protect individuals’ medical records and other health information is known as the Health Insurance Portability and Accountability Act (HIPAA).

The internet is an example of a wide-area network (WAN).

Which option is an example of a logical address?

The OSI model consists of how many layers?

Zero-day exploits target unknown vulnerabilities in operating system and application software on a host machine.

The Data Link layer of the OSI model is further divided into

these two sublayers: media access control (MAC) and Logical Link Control (LLC).

A Zero Trust network security model is based on which security principle?

Intra-VM traffic is also known as which type of traffic?

What does the first phase of implementing security in virtualized data centers consist of?

A dynamic packet filtering firewall inspects each individual packet during a session to determine if the traffic should be allowed, blocked, or dropped by the firewall.

MineMeld an open-source application, available directly on GitHub, that streamlines the aggregation, enforcement, and sharing of threat intelligence.

Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network?

Which is NOT a characteristic of Unified Threat Management (UTM)?

Signature-based anti-malware software is considered a proactive security countermeasure.

The Domain Name System (DNS) is a distributed, hierarchical internet database that maps FQDNs to IP addresses.

A one-way hash is a mathematical function that creates a unique representation of a larger set of data in a manner that is easy to compute in one direction, but not in the reverse direction.

A router sends data packets to destination networks along a network path using logical addresses.

An IPv4 address consists of four 8-bit octets.

Which option is not a defining characteristic of an NGFW?

Which option is not a core technique for identifying applications in Palo Alto Networks NGFWs?

Panorama does not integrate with which option?

The key to Traps is blocking core exploit and malware techniques, not the individual attacks.

Aperture is deployed as a standalone inline service between the organization’s traditional perimeter-based firewalls and requires a software agent to be installed on mobile devices.

Aperture protects data in hosted files and application entries.

Subnetting is a technique used to divide a large network into smaller, multiple subnetworks by segmenting an IPv4 address into a network and host portion.

AutoFocus is an optional module that can be installed on NGFWs.

WildFire operates on which concept?

WildFire prevents known and unknown malware threats.

WildFire performs deep packet inspection of malicious outbound communications to disrupt C&C activity.

Container-based endpoint protection wraps a protective virtual barrier around vulnerable processes while they’re running.

A storage area network (SAN) uses hybrid-based storage.

Active Directory is a network directory service developed by Microsoft for Windows networks.

ITIL is a set of IT service management best practices.

Evident provides continuous monitoring of public clouds and helps organizations achieve a continuous state of compliance in their public cloud workloads.