Which feature is part of an intrusion prevention system (IPS)?
Answer(s): B
An Intrusion Prevention System (IPS) includes automated security actions, such as blocking malicious traffic, resetting connections, or alerting administrators when it detects suspicious activity, helping to stop attacks in real time.
What are two capabilities of identity threat detection and response (ITDR)? (Choose two.)
Answer(s): C,D
Scanning for excessive logins ITDR identifies suspicious patterns such as unusual or excessive login attempts, which may indicate credential abuse.Analyzing access management logs ITDR tools analyze identity-related logs, including authentication and authorization events, to detect threats tied to user behavior and access anomalies.Device security and signature matching are not core functions of ITDR; they fall under endpoint protection and traditional threat detection respectively.
Which type of attack involves sending data packets disguised as queries to a remote server, which then sends the data back to the attacker?
DNS tunneling is an attack technique where data packets are disguised as DNS queries and sent to a remote server. That server, often under the attacker's control, responds with additional data or instructions, effectively creating a covert command-and-control (C2) channel over DNS.
Which service is encompassed by serverless architecture?
Serverless architecture is primarily implemented through Function as a Service (FaaS), where developers write and deploy individual functions without managing the underlying infrastructure. The cloud provider handles scaling, resource allocation, and execution on demand.
Which architecture model uses virtual machines (VMs) in a public cloud environment?
Answer(s): D
A host-based architecture uses virtual machines (VMs) to run workloads on a shared host, commonly found in public cloud environments. Each VM operates independently with its own OS, making this model suitable for traditional and isolated application deployments.
Post your Comments and Discuss Palo Alto Networks Cybersecurity-Practitioner exam dumps with other Community members:
ElastiCache for Redis
S3 Object Lock
S3
SFTP
AWS Transfer Family
Amazon SQS
API Gateway
Lambda
usage plan
AWS WAF
Amazon ECS
Application Load Balancer
AWS Global Accelerator
Network Load Balancer
EC2
Auto Scaling group
CloudFront
ALB
AWS PrivateLink
CRR
SSE-S3
Athena
SSE-KMS
RDS Custom for Oracle
s3:GetObject
Amazon OpenSearch Service
CloudWatch Logs
Kinesis Data Firehose
Kinesis
S3 bucket
SQS
AWS Lambda
AWS Secrets Manager
AWS Systems Manager OpsCenter
secretsmanager:GetSecretValue
seq
for h in {1..254}
for h in $(seq 1 254); do
Kinesis Data Streams
Amazon Redshift
secrets:GetSecretValue
aws:PrincipalOrgID
"aws:PrincipalOrgID": "o-1234567890"
Azure Bot Service
Microsoft.Network/applicationSecurityGroups
Microsoft.Network/bastions
Microsoft.Network
COPY INTO
SELECT
COPY INTO @stage/path/file.csv FROM (SELECT col1, col2 FROM my_table WHERE date >= '2024-01-01') FILE_FORMAT=(TYPE=CSV);
Users
External collaboration settings
zone
subinterfaces
Our website is free, but we have to fight against AI bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the Cybersecurity-Practitioner content, but please register or login to continue.