Cybersecurity-Practitionerブレーン問題集PDF、Palo Alto Networks Cybersecurity-Practitioner試験問題豪華お試しセット [Q87-Q112]

Share

Cybersecurity-Practitionerブレーン問題集PDF、Palo Alto Networks Cybersecurity-Practitioner試験問題豪華お試しセット

2026年最新されたCybersecurity-Practitionerサンプル問題は信頼され続けるCybersecurity-Practitionerテストエンジン


Palo Alto Networks Cybersecurity-Practitioner 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • ネットワーク セキュリティ: このドメインでは、ゼロ トラスト ネットワーク アクセス、ファイアウォール、マイクロセグメンテーション、IPS、URL フィルタリング、DNS セキュリティ、VPN、SSL
  • TLS 復号化などのセキュリティ テクノロジーによるネットワーク保護、さらに OT
  • IoT の懸念、NGFW の展開、クラウド配信型セキュリティ サービス、Precision AI についても取り上げます。
トピック 2
  • サイバーセキュリティ: このドメインでは、AAA フレームワーク、MITRE ATT&CK テクニック、ゼロ トラストの原則、高度な持続的脅威、IAM、MFA、モバイル デバイス管理、セキュア メール ゲートウェイなどの一般的なセキュリティ テクノロジーを含む、基本的なセキュリティ概念をカバーします。
トピック 3
  • セキュリティ運用: このドメインは、脅威ハンティング、インシデント対応、SIEM および SOAR プラットフォーム、攻撃対象領域管理、XSOAR、Xpanse、XSIAM などの Cortex ソリューションを含むセキュリティ運用に重点を置いています。
トピック 4
  • エンドポイント セキュリティ: このドメインでは、侵害の兆候、シグネチャベースのマルウェア対策の制限、UEBA、EDR
  • XDR、行動に基づく脅威の防止、ホスト ファイアウォールやディスク暗号化などのエンドポイント セキュリティ テクノロジ、Cortex XDR 機能などのエンドポイント保護について説明します。

 

質問 # 87
Which type of portable architecture can package software with dependencies in an isolated unit?

  • A. Air-gapped
  • B. Serverless
  • C. SaaS
  • D. Containerized

正解:D

解説:
A containerized architecture packages software along with its dependencies, libraries, and configuration into an isolated unit called a container. This ensures consistent behavior across environments and simplifies deployment and scaling.


質問 # 88
Match the IoT connectivity description with the technology.

正解:

解説:


質問 # 89
What does "forensics" refer to in a Security Operations process?

  • A. Reviewing information about a broad range of activities
  • B. Validating cyber analysts' backgrounds before hiring
  • C. Analyzing new IDS/IPS platforms for an enterprise
  • D. Collecting raw data needed to complete the detailed analysis of an investigation

正解:D

解説:
Forensics in a Security Operations process refers to collecting raw data needed to complete the detailed analysis of an investigation. Forensic analysis is a crucial step in identifying, investigating, and documenting the cause, course, and consequences of a security incident or violation. Forensic analysis involves various techniques and tools to extract, preserve, analyze, and present evidence in a structured and acceptable format. Forensic analysis can be used for legal compliance, auditing, incident response, and threat intelligence purposes. Reference:
Cyber Forensics Explained: Reasons, Phases & Challenges of Cyber Forensics SOC Processes, Operations, Challenges, and Best Practices What is Digital Forensics | Phases of Digital Forensics | EC-Council


質問 # 90
In addition to local analysis, what can send unknown files to WildFire for discovery and deeper analysis to rapidly detect potentially unknown malware?

  • A. MineMild
  • B. AutoFocus
  • C. Cortex XSOAR
  • D. Cortex XDR

正解:D

解説:
In addition to local analysis, Cortex XDR can send unknown files to WildFire for discovery and deeper analysis to rapidly detect.


質問 # 91
Which of the following is a service that allows you to control permissions assigned to users in order for them to access and utilize cloud resources?

  • A. User-ID
  • B. Identity and Access Management (IAM)
  • C. Lightweight Directory Access Protocol (LDAP)
  • D. User and Entity Behavior Analytics (UEBA)

正解:B

解説:
Identity and access management (IAM) is a software service or framework that allows organizations to define user or group identities within software environments, then associate permissions with them. The identities and permissions are usually spelled out in a text file, which is referred to as an IAM policy.


質問 # 92
Which network firewall operates up to Layer 4 (Transport layer) of the OSI model and maintains information about the communication sessions which have been established between hosts on trusted and untrusted networks?

  • A. Stateful
  • B. Stateless
  • C. Static packet-filter
  • D. Group policy

正解:A

解説:
Stateful packet inspection firewalls Second-generation stateful packet inspection (also known as dynamic packet filtering) firewalls have the following characteristics:
* They operate up to Layer 4 (Transport layer) of the OSI model and maintain state information about the communication sessions that have been established between hosts on the trusted and untrusted networks.
* They inspect individual packet headers to determine source and destination IP address, protocol (TCP, UDP, and ICMP), and port number (during session establishment only) to determine whether the session should be allowed, blocked, or dropped based on configured firewall rules.
* After a permitted connection is established between two hosts, the firewall creates and deletes firewall rules for individual connections as needed, thus effectively creating a tunnel that allows traffic to flow between the two hosts without further inspection of individual packets during the session.
* This type of firewall is very fast, but it is port-based and it is highly dependent on the trustworthiness of the two hosts because individual packets aren't inspected after the connection is established.


質問 # 93
Which option describes the "selective network security virtualization" phase of incrementally transforming data centers?

  • A. during the selective network security virtualization phase, all intra-host traffic is encapsulated and encrypted using the IPSEC protocol
  • B. during the selective network security virtualization phase, all intra-host traffic is forwarded to a Web proxy server
  • C. during the selective network security virtualization phase, all intra-host traffic is load balanced
  • D. during the selective network security virtualization phase, all intra-host communication paths are strictly controlled

正解:D

解説:
Selective network security virtualization: Intra-host communications and live migrations are architected at this phase. All intra-host communication paths are strictly controlled to ensure that traffic between VMs at different trust levels is intermediated either by an on-box, virtual security appliance or by an off-box, physical security appliance.


質問 # 94
Which security tool provides policy enforcement for mobile users and remote networks?

  • A. Prisma Cloud
  • B. Service connection
  • C. Prisma Access
  • D. Digital experience management

正解:C

解説:
Prisma Access is a cloud-delivered security platform that provides policy enforcement, secure access, and threat prevention for mobile users and remote networks, ensuring consistent security regardless of location.


質問 # 95
In SecOps, what are two of the components included in the identify stage? (Choose two.)

  • A. Initial Research
  • B. Content Engineering
  • C. Change Control
  • D. Breach Response

正解:A、B

解説:
In SecOps, the identify stage is the first step in the security operations lifecycle. It involves gaining knowledge and understanding of the possible security threats and establishing methods to detect, respond and proactively prevent them from occurring1. Two of the components included in the identify stage are:
Initial Research: This component involves gathering information about the organization's assets, vulnerabilities, risks, and compliance requirements. It also involves identifying the key stakeholders, objectives, and metrics for the SecOps project2.
Content Engineering: This component involves developing and maintaining the security content, such as rules, policies, signatures, and alerts, that will be used by the SecOps tools and processes. It also involves testing and validating the security content for accuracy and effectiveness3.
What is SecOps? (and what are the benefits and best practices?), SecOps - definition & overview, The Six Pillars of Effective Security Operations


質問 # 96
What is the ptrpose of automation in SOAR?

  • A. To provide consistency in response to security issues
  • B. To allow easy manual entry of changes to security templates
  • C. To give only administrators the ability to view logs
  • D. To complicate programming for system administration -

正解:A

解説:
Automation in SOAR (Security Orchestration, Automation, and Response) is the process of programming tasks, alerts, and responses to security incidents so that they can be executed without human intervention. Automation in SOAR helps security teams to handle the huge amount of information generated by various security tools, analyze it through machine learning processes, and take appropriate actions based on predefined rules and workflows. Automation in SOAR also reduces the manual effort and time required for security operations, improves the accuracy and efficiency of threat detection and response, and provides consistency in handling security issues across different environments and scenarios. Reference: What is SOAR (security orchestration, automation and response)? | IBM, What Is SOAR? Technology and Solutions | Microsoft Security, Security orchestration - Wikipedia.


質問 # 97
Which type of attack includes exfiltration of data as a primary objective?

  • A. Watering hole attack
  • B. Advanced persistent threat
  • C. Cross-Site Scripting (XSS)
  • D. Denial-of-service (DoS)

正解:B

解説:
An Advanced Persistent Threat (APT) is a long-term, targeted cyberattack where data exfiltration is often the primary objective. Attackers maintain a covert presence in the network to steal sensitive information over time.


質問 # 98
What are two common lifecycle stages for an advanced persistent threat (APT) that is infiltrating a network? (Choose two.)

  • A. Privilege escalation
  • B. Lateral movement
  • C. Deletion of critical data
  • D. Communication with covert channels

正解:A、B

解説:
Lateral movement is a key stage where the attacker moves across the network to find valuable targets.
Privilege escalation involves gaining higher access rights to expand control within the compromised environment.
Communication with covert channels is a tactic used during persistence or exfiltration, while deletion of critical data is not a standard APT lifecycle stage - it's more characteristic of destructive attacks.


質問 # 99
Which security component can detect command-and-control traffic sent from multiple endpoints within a corporate data center?

  • A. Personal endpoint firewall
  • B. Port-based firewall
  • C. Stateless firewall
  • D. Next-generation firewall

正解:D

解説:
A next-generation firewall (NGFW) is a security component that can detect command-and-control (C2) traffic sent from multiple endpoints within a corporate data center. A NGFW is a network device that combines traditional firewall capabilities with advanced features such as application awareness, intrusion prevention, threat intelligence, and cloud-based analysis. A NGFW can identify and block C2 traffic by inspecting the application layer protocols, signatures, and behaviors of the network traffic, as well as correlating the traffic with external sources of threat intelligence. A NGFW can also leverage inline cloud analysis to detect and prevent zero-day C2 threats in real-time. A NGFW can provide granular visibility and control over the network traffic, as well as generate alerts and reports on the C2 activity. Reference:
Palo Alto Networks Certified Cybersecurity Entry-level Technician (PCCET) Command and Control, Tactic TA0011 - Enterprise | MITRE ATT&CK Advanced Threat Prevention: Inline Cloud Analysis - Palo Alto Networks


質問 # 100
In which phase of the cyberattack lifecycle do attackers establish encrypted communication channels back to servers across the internet so that they can modify their attack objectives and methods?

  • A. installation
  • B. exploitation
  • C. actions on the objective
  • D. command and control

正解:D

解説:
Command and Control: Attackers establish encrypted communication channels back to command-and-control (C2) servers across the internet so that they can modify their attack objectives and methods as additional targets of opportunity are identified within the victim network, or to evade any new security countermeasures that the organization may attempt to deploy if attack artifacts are discovered.


質問 # 101
Which pillar of Prisma Cloud application security addresses ensuring that your cloud resources and SaaS applications are correctly configured?

  • A. compute security
  • B. visibility, governance, and compliance
  • C. network protection
  • D. dynamic computing

正解:B

解説:
Ensuring that your cloud resources and SaaS applications are correctly configured and adhere to your organization's security standards from day one is essential to prevent successful attacks. Also, making sure that these applications, and the data they collect and store, are properly protected and compliant is critical to avoid costly fines, a tarnished image, and loss of customer trust. Meeting security standards and maintaining compliant environments at scale, and across SaaS applications, is the new expectation for security teams.


質問 # 102
Which core component is used to implement a Zero Trust architecture?

  • A. Content Identification
  • B. Web Application Zone
  • C. VPN Concentrator
  • D. Segmentation Platform

正解:D

解説:
"Remember that a trust zone is not intended to be a "pocket of trust" where systems (and therefore threats) within the zone can communicate freely and directly with each other. For a full Zero Trust implementation, the network would be configured to ensure that all communications traffic, including traffic between devices in the same zone, is intermediated by the corresponding Zero Trust Segmentation Platform."


質問 # 103
Which type of LAN technology is being displayed in the diagram?

  • A. Mesh Topology
  • B. Star Topology
  • C. Bus Topology
  • D. Spine Leaf Topology

正解:A

解説:
The diagram displays a mesh topology, where each device is connected to every other device in the network. This topology is characterized by the multiple connections each node has, ensuring there is no single point of failure and providing redundant paths for data transmission, enhancing the reliability and resilience of the network. Mesh topology is one of the types of LAN technology that uses ethernet or Wi-Fi to connect devices12. Reference:
What Is Local Area Network (LAN)? Definition, Types, Architecture, and Best Practices from Spiceworks Types of LAN | Introduction and Classification of LAN from EDUCBA


質問 # 104
What is the purpose of SIEM?

  • A. Automating the security team's incident response
  • B. Securing cloud-based applications
  • C. Real-time monitoring and analysis of security events
  • D. Filtering webpages employees are allowed to access

正解:C

解説:
SIEM stands for security information and event management. It is a technology that collects, analyzes, and reports on security-related data from various sources within an organization's network. The purpose of SIEM is to provide real-time monitoring and analysis of security events, such as user logins, file access, and changes to critical system files. SIEM helps security teams to detect and respond to potential threats, as well as to meet compliance requirements and improve their cybersecurity posture. Reference: What Is Security Information and Event Management (SIEM)? - Palo Alto Networks, What is a SIEM Solution? - Palo Alto Networks, Integrate IoT Security with SIEM - Palo Alto Networks


質問 # 105
Which security component should you configure to block viruses not seen and blocked by the perimeter firewall?

  • A. strong endpoint passwords
  • B. endpoint antivirus software
  • C. endpoint NIC ACLs
  • D. endpoint disk encryption

正解:B

解説:
Endpoint antivirus software is a type of software designed to help detect, prevent, and eliminate malware on devices, such as laptops, desktops, smartphones, and tablets. Endpoint antivirus software can block viruses that are not seen and blocked by the perimeter firewall, which is a network security device that monitors and controls incoming and outgoing network traffic based on predefined security rules. Perimeter firewall can block some known viruses, but it may not be able to detect and stop new or unknown viruses that use advanced techniques to evade detection. Endpoint antivirus software can provide an additional layer of protection by scanning the files and processes on the devices and using various methods, such as signatures, heuristics, behavior analysis, and cloud-based analysis, to identify and remove malicious code123. Reference:
What Is Endpoint Antivirus? Key Features & Solutions Explained - Trellix Microsoft Defender for Endpoint | Microsoft Security Download ESET Endpoint Antivirus | ESET


質問 # 106
Which two pieces of information are considered personally identifiable information (PII)? (Choose two.)

  • A. Birthplace
  • B. Profession
  • C. Name
  • D. Login 10

正解:A、C

解説:
Personally identifiable information (PII) is any data that can be used to identify someone. All information that directly or indirectly links to a person is considered PII1. Among PII, some pieces of information are more sensitive than others. Sensitive PII is sensitive information that directly identifies an individual and could cause significant harm if leaked or stolen2. Birthplace and name are examples of sensitive PII, as they can be used to distinguish or trace an individual's identity, either alone or when combined with other information3. Login 10 and profession are not considered sensitive PII, as they are not unique to a person and do not reveal their identity. Login 10 is a non-sensitive PII that is easily accessible from public sources, while profession is not a PII at all, as it does not link to a specific individual4. Reference:
1: What is PII (personally identifiable information)? - Cloudflare
2: What is Personally Identifiable Information (PII)? | IBM
3: personally identifiable information - Glossary | CSRC
4: What Is Personally Identifiable Information (PII)? Types and Examples


質問 # 107
During the OSI layer 3 step of the encapsulation process, what is the Protocol Data Unit (PDU) called when the IP stack adds source (sender) and destination (receiver) IP addresses?

  • A. Frame
  • B. Data
  • C. Segment
  • D. Packet

正解:D

解説:
The IP stack adds source (sender) and destination (receiver) IP addresses to the TCP segment (which now is called an IP packet) and notifies the server operating system that it has an outgoing message ready to be sent across the network.


質問 # 108
A high-profile company executive receives an urgent email containing a malicious link. The sender appears to be from the IT department of the company, and the email requests an update of the executive's login credentials for a system update.
Which type of phishing attack does this represent?

  • A. Vishing
  • B. Angler phishing
  • C. Pharming
  • D. Whaling

正解:D

解説:
Whaling is a targeted phishing attack aimed at high-profile individuals, such as executives. The attacker impersonates a trusted entity (e.g., IT department) to trick the executive into revealing sensitive credentials. This is a form of spear phishing specifically focused on "big fish" targets.


質問 # 109
What are two disadvantages of Static Rout ng? (Choose two.)

  • A. Single point of failure
  • B. Requirement for additional computational resources
  • C. Less security
  • D. Manual reconfiguration

正解:A、D

解説:
Static routing is a form of routing that occurs when a router uses a manually-configured routing entry, rather than information from dynamic routing traffic 1. Static routing has some advantages, such as simplicity, low overhead, and full control, but it also has some disadvantages, such as:
* Manual reconfiguration: Static routes require manual effort to configure and maintain. This can be time-consuming and error-prone, especially in large networks with many routes. If there is a change in the network topology or a link failure, the static routes need to be updated manually by the network administrator 23.
* Single point of failure: Static routing is not fault tolerant. This means that if the path used by the static route stops working, the traffic will not be rerouted automatically. The network will be unreachable until the failure is repaired or the static route is changed manually. Dynamic routing, on the other hand, can adapt to network changes and find alternative paths 23.


質問 # 110
A native hypervisor runs:

  • A. directly on the host computer's hardware
  • B. only on certain platforms
  • C. within an operating system's environment
  • D. with extreme demands on network throughput

正解:A

解説:
* Type 1 (native or bare metal). Runs directly on the host computer's hardware
* Type 2 (hosted). Runs within an operating system environment


質問 # 111
Which option is an example of a North-South traffic flow?

  • A. Traffic between an internal server and internal user
  • B. An internal three-tier application
  • C. Lateral movement within a cloud or data center
  • D. Client-server interactions that cross the edge perimeter

正解:D

解説:
North-south refers to data packets that move in and out of the virtualized environment from the host network or a corresponding traditional data center. North-south traffic is secured by one or more physical form factor perimeter edge firewalls.


質問 # 112
......

無料お試しPalo Alto Networks Cybersecurity-Practitioner問題集PDFは必ずベストの問題集オプションを使おう:https://jp.fast2test.com/Cybersecurity-Practitioner-premium-file.html

Cybersecurity-Practitioner試験資料Palo Alto Networks学習ガイド:https://drive.google.com/open?id=1B0EaR89wjCbSqAKx2v8v46kowSEUEh5R


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어