[November 16, 2023] Try the PCCET Exam Question Set! Best PCCET Exam Questions [Q47-Q71]


Verified PCCET test question set with 145 accurate questions and answers

Question # 47
Which network firewall primarily filters traffic based on source and destination IP address?

  • A. Application
  • B. Stateless
  • C. Proxy
  • D. Stateful

Correct answer: D


Question # 48
What does SIEM stand for?

  • A. Secure Infrastructure and Event Monitoring
  • B. Security Information and Event Management
  • C. Standard Installation and Event Media
  • D. Security Infosec and Event Management

Correct answer: B

Explanation:
Originally designed as a tool to assist organizations with compliance and industry-specific regulations, security information and event management (SIEM) is a technology that has been around for almost two decades.


Question # 49
What is a key advantage and key risk in using a public cloud environment?

  • A. Dedicated Networks
  • B. Multi-tenancy
  • C. Dedicated Hosts
  • D. Multiplexing

Correct answer: B

Explanation:
Multitenancy is a key characteristic of the public cloud, and an important risk. Although public cloud providers strive to ensure isolation between their various customers, the infrastructure and resources in the public cloud are shared. Inherent risks in a shared environment include misconfigurations, inadequate or ineffective processes and controls, and the "noisy neighbor" problem (excessive network traffic, disk I/O, or processor use can negatively impact other customers sharing the same resource). In hybrid and multicloud environments that connect numerous public and/or private clouds, the delineation becomes blurred, complexity increases, and security risks become more challenging to address.


Question # 50
In addition to integrating the network and endpoint components, what other component does Cortex integrate to speed up IoC investigations?

  • A. Cloud
  • B. Switch
  • C. Computer
  • D. Infrastructure

Correct answer: A

Explanation:
Cortex XDR breaks the silos of traditional detection and response by natively integrating network, endpoint, and cloud data to stop sophisticated attacks.


Question # 51
In which phase of the cyberattack lifecycle do attackers establish encrypted communication channels back to servers across the internet so that they can modify their attack objectives and methods?

  • A. installation
  • B. exploitation
  • C. actions on the objective
  • D. command and control

Correct answer: D

Explanation:
Command and Control: Attackers establish encrypted communication channels back to command-and-control (C2) servers across the internet so that they can modify their attack objectives and methods as additional targets of opportunity are identified within the victim network, or to evade any new security countermeasures that the organization may attempt to deploy if attack artifacts are discovered.


Question # 52
What is a key method used to secure sensitive data in Software-as-a-Service (SaaS) applications?

  • A. Allow users to choose their own applications to access data.
  • B. Leave data security in the hands of the cloud service provider.
  • C. Allow downloads to both managed and unmanaged devices.
  • D. Allow downloads to managed devices but block them from unmanaged devices.

Correct answer: B


Question # 53
Which type of Software as a Service (SaaS) application provides business benefits, is fast to deploy, requires minimal cost and is infinitely scalable?

  • A. Benign
  • B. Tolerated
  • C. Secure
  • D. Sanctioned

Correct answer: D


Question # 54
Which option would be an example of PII that you need to prevent from leaving your enterprise network?

  • A. Trade secret
  • B. A symmetric encryption key
  • C. National security information
  • D. Credit card number

Correct answer: D


Question # 55
Which TCP/IP sub-protocol operates at Layer 7 of the OSI model?

  • A. MAC
  • B. UDP
  • C. SNMP
  • D. NFS

Correct answer: C

Explanation:
Application (Layer 7 or L7): This layer identifies and establishes availability of communication partners, determines resource availability, and synchronizes communication.
Presentation (Layer 6 or L6): This layer provides coding and conversion functions (such as data representation, character conversion, data compression, and data encryption) to ensure that data sent from the Application layer of one system is compatible with the Application layer of the receiving system.
Session (Layer 5 or L5): This layer manages communication sessions (service requests and service responses) between networked systems, including connection establishment, data transfer, and connection release.
Transport (Layer 4 or L4): This layer provides transparent, reliable data transport and end-to-end transmission control.


Question # 56
Which three services are part of Prisma SaaS? (Choose three.)

  • A. Denial of Service
  • B. DevOps
  • C. Threat Prevention
  • D. Data Exposure Control
  • E. Data Loss Prevention

Correct answer: C, D, E


Question # 57
Which Palo Alto Networks tool is used to prevent endpoint systems from running malware executables such as viruses, trojans, and rootkits?

  • A. Expedition
  • B. Cortex XDR
  • C. AutoFocus
  • D. App-ID

Correct answer: B


Question # 58
Match the DNS record type to its function within DNS.

Correct answer:

Explanation:

The basic DNS record types are as follows:
A (IPv4) or AAAA (IPv6) (Address): Maps a domain or subdomain to an IP address or multiple IP addresses
CNAME (Canonical Name): Maps a domain or subdomain to another hostname
MX (Mail Exchanger): Specifies the hostname or hostnames of email servers for a domain
PTR (Pointer): Points to a CNAME; commonly used for reverse DNS lookups that map an IP address to a host in a domain or subdomain
SOA (Start of Authority): Specifies authoritative information about a DNS zone such as primary name server, email address of the domain administrator, and domain serial number
NS (Name Server): The NS record specifies an authoritative name server for a given host.
TXT (Text): Stores text-based information


Question # 59
What is the recommended method for collecting security logs from multiple endpoints?

  • A. Build a script that pulls down the logs from all endpoints.
  • B. Leverage an EDR solution to request the logs from endpoints.
  • C. Configure endpoints to forward logs to a SIEM.
  • D. Connect to the endpoints remotely and download the logs.

Correct answer: C


Question # 60
Match the IoT connectivity description with the technology.

Correct answer:

Explanation:


Question # 61
Match each tunneling protocol to its definition.

Correct answer:

Explanation:


Question # 62
In which type of Wi-Fi attack does the attacker intercept and redirect the victim's web traffic to serve content from a web server it controls?

  • A. Evil Twin
  • B. Meddler-in-the-middle
  • C. Jasager
  • D. Emotet

Correct answer: B


Question # 63
You have been invited to a public cloud design and architecture session to help deliver secure east-west flows and secure Kubernetes workloads.
What deployment options do you have available? (Choose two.)

  • A. VM-Series
  • B. CN-Series
  • C. Panorama
  • D. PA-Series

Correct answer: A, D


Question # 64
During the OSI layer 3 step of the encapsulation process, what is the Protocol Data Unit (PDU) called when the IP stack adds source (sender) and destination (receiver) IP addresses?

  • A. Frame
  • B. Segment
  • C. Packet
  • D. Data

Correct answer: C

Explanation:
The IP stack adds source (sender) and destination (receiver) IP addresses to the TCP segment (which now is called an IP packet) and notifies the server operating system that it has an outgoing message ready to be sent across the network.


Question # 65
Which security component should you configure to block viruses not seen and blocked by the perimeter firewall?

  • A. endpoint NIC ACLs
  • B. endpoint antivirus software
  • C. strong endpoint passwords
  • D. endpoint disk encryption

Correct answer: B


Question # 66
Which IoT connectivity technology is provided by satellites?

  • A. VLF
  • B. L-band
  • C. 2G/2.5G
  • D. 4G/LTE

Correct answer: B


Question # 67
Which two network resources does a directory service database contain? (Choose two.)

  • A. Terminal shell types on endpoints
  • B. /etc/shadow files
  • C. Services
  • D. Users

Correct answer: C, D

Explanation:
A directory service is a database that contains information about users, resources, and services in a network.


Question # 68
Which method is used to exploit vulnerabilities, services, and applications?

  • A. port evasion
  • B. encryption
  • C. DNS tunneling
  • D. port scanning

Correct answer: A

Explanation:
Attack communication traffic is usually hidden with various techniques and tools, including:
Encryption with SSL, SSH (Secure Shell), or some other custom or proprietary encryption
Circumvention via proxies, remote access tools, or tunneling. In some instances, use of cellular networks enables complete circumvention of the target network for attack C2 traffic.
Port evasion using network anonymizers or port hopping to traverse over any available open ports
Fast Flux (or Dynamic DNS) to proxy through multiple infected endpoints or multiple, ever-changing C2 servers to reroute traffic and make determination of the true destination or attack source difficult
DNS tunneling is used for C2 communications and data infiltration


Question # 69
SecOps consists of interfaces, visibility, technology, and which other three elements? (Choose three.)

  • A. Understanding
  • B. Accessibility
  • C. Processes
  • D. Business
  • E. People

Correct answer: C, D, E

Explanation:


Question # 70
Match the Identity and Access Management (IAM) security control with the appropriate definition.

Correct answer:

Explanation:


Question # 71
......
