PALO ALTO PCCET QUESTIONS AND
ANSWERS 100% CORRECT
Which type of cyberattack sends extremely high volumes of network traffic such as
packets, data, or transactions that render the victim's network unavailable or unusable?
A. distributed denial-of-service (DDoS)
B. spamming botnet
C. phishing botnet
D. denial-of-service (DoS) - ANSWER-A
Which core component of Cortex combines security orchestration, incident
management, and interactive investigation to serve security teams across the incident
lifecycle?
A. AutoFocus
B. Cortex XDR
C. Cortex XSOAR
D. Cortex Data Lake - ANSWER-C
Which type of advanced malware has entire sections of code that serve no purpose
other than to change the signature of the malware, thus producing an infinite number of
signature hashes for even the smallest of malware programs?
A. distributed
B. polymorphic
C. multi-functional
D. obfuscated - ANSWER-B
Which type of phishing attack is specifically directed at senior executives or other high-
profile targets within an organization?
A. whaling
B. watering hole
C. pharming
D. spear phishing - ANSWER-A
Which wireless security protocol includes improved security for IoT devices, smart
bulbs, wireless appliances, and smart speakers?
A. WPA2
B. WPA3
C. WPA1
D. WEP - ANSWER-B
Which tactic, technique, or procedure (TTP) masks application traffic over port 443
(HTTPS)?
,A. using non-standard ports
B. hopping ports
C. hiding within SSL encryption
D. tunneling - ANSWER-C
Which specific technology is associated with Web 3.0?
A. social networks
B. instant messaging
C. remote meeting software
D. blockchain - ANSWER-D
Which Wi-Fi attack leverages device information about which wireless networks it
previously connected to?
A. evil twin
B. man-in-the-middle
C. Jasager
D. SSLstrip - ANSWER-C
Which malware type is installed in the BIOS of a machine, which means operating
system level tools cannot detect it?
A. rootkit
B. logic bomb
C. ransomware
D. spyware - ANSWER-A
Which Zero Trust capability provides a combination of anti-malware and intrusion
prevention technologies to protect against both known and unknown threats, including
mobile device threats?
A. least privilege
B. secure access
C. inspection of all traffic
D. cyberthreat protection - ANSWER-D
Which three options describe the relationship and interaction between a customer and
SaaS? (Choose three.)
A. subscription service
B. extensive manpower required
C. internet- or application-based
D. complex deployment
E. convenient and economical - ANSWER-ACE
Mobile devices are easy targets for attacks for which two reasons? (Choose two.)
A. They have poor battery-charging capabilities.
B. They use speaker phones.
C. They stay in an always-on, always-present state.
D. They roam in unsecured areas. - ANSWER-CD
,Which path or tool is used by attackers?
A. storage-area networks (SAN)
B. anti-malware update
C. SaaS
D. threat vector - ANSWER-D
Which kind of server is a master server that is designed to listen to individual
compromised endpoints and respond with appropriate attack commands?
A. command and control
B. bot
C. web
D. directory services - ANSWER-A
What type of malware can have multiple control servers distributed all over the world
with multiple fallback options?
A. logic bombs
B. rootkits
C. advanced or modern
D. exploits - ANSWER-C
Which type of malware disables protection software?
A. anti-AV
B. Trojan horse
C. ransomware
D. worm - ANSWER-A
Another term for a bot is a "zombie". (True or False) - ANSWER-T
The spread of unsolicited content to targeted endpoints is known as what?
A. spamming
B. pharming
C. phishing
D. exploiting - ANSWER-A
Which type of attack utilizes many endpoints as bots or attackers in a coordinated effort,
and can be extremely effective in taking down a website or some other publicly
accessible service?
A. Bluetooth
B. adware
C. distributed denial-of-service
D. man-in-the-middle - ANSWER-C
Which Wi-Fi attack intercepts the victim's web traffic, redirects the victim's browser to a
web server that it controls, and serves up whatever content the attacker desires?
A. Evil Twin
, B. SSLstrip
C. Emotet
D. Jasager - ANSWER-B
Which part of APTs indicate that attackers use advanced malware and exploits and
typically also have the skills and resources necessary to develop additional cyberattack
tools and techniques?
A. Secure
B. Persistent
C. Threat
D. Advanced - ANSWER-D
WPA2 includes a function that generates a 256-bit key based on a much shorter
passphrase created by the administrator of the Wi-Fi network and the service set
identifier (SSID) of the AP is used as a salt (random data) for the one-way hash
function. (True or False) - ANSWER-T
Which component of the zero trust conceptual architecture is called a "platform" to
reflect that it is made up of multiple distinct (and potentially distributed) security
technologies that operate as part of a holistic threat protection framework to reduce the
attack surface and correlate information about discovered threats?
A. Management infrastructure
B. Pocket of trust
C. Trust zone
D. Single component - ANSWER-D
Which zero trust deployment method obtains a detailed picture of traffic flows
throughout the network, including where, when, and to what extent specific users are
using specific applications and data resources?
A. Define trust zones
B. Establish trust zones
C. Implement at major access points
D. Listen-only mode - ANSWER-D
The Prisma suite secures public cloud environments, SaaS applications, internet
access, mobile users, and remote locations through a cloud-delivered architecture.
(True or False) - ANSWER-T
Which network device transmits an electronic signal so that wireless devices can
connect to a network?
A. router
B. access point
C. hub
D. switch - ANSWER-B
ANSWERS 100% CORRECT
Which type of cyberattack sends extremely high volumes of network traffic such as
packets, data, or transactions that render the victim's network unavailable or unusable?
A. distributed denial-of-service (DDoS)
B. spamming botnet
C. phishing botnet
D. denial-of-service (DoS) - ANSWER-A
Which core component of Cortex combines security orchestration, incident
management, and interactive investigation to serve security teams across the incident
lifecycle?
A. AutoFocus
B. Cortex XDR
C. Cortex XSOAR
D. Cortex Data Lake - ANSWER-C
Which type of advanced malware has entire sections of code that serve no purpose
other than to change the signature of the malware, thus producing an infinite number of
signature hashes for even the smallest of malware programs?
A. distributed
B. polymorphic
C. multi-functional
D. obfuscated - ANSWER-B
Which type of phishing attack is specifically directed at senior executives or other high-
profile targets within an organization?
A. whaling
B. watering hole
C. pharming
D. spear phishing - ANSWER-A
Which wireless security protocol includes improved security for IoT devices, smart
bulbs, wireless appliances, and smart speakers?
A. WPA2
B. WPA3
C. WPA1
D. WEP - ANSWER-B
Which tactic, technique, or procedure (TTP) masks application traffic over port 443
(HTTPS)?
,A. using non-standard ports
B. hopping ports
C. hiding within SSL encryption
D. tunneling - ANSWER-C
Which specific technology is associated with Web 3.0?
A. social networks
B. instant messaging
C. remote meeting software
D. blockchain - ANSWER-D
Which Wi-Fi attack leverages device information about which wireless networks it
previously connected to?
A. evil twin
B. man-in-the-middle
C. Jasager
D. SSLstrip - ANSWER-C
Which malware type is installed in the BIOS of a machine, which means operating
system level tools cannot detect it?
A. rootkit
B. logic bomb
C. ransomware
D. spyware - ANSWER-A
Which Zero Trust capability provides a combination of anti-malware and intrusion
prevention technologies to protect against both known and unknown threats, including
mobile device threats?
A. least privilege
B. secure access
C. inspection of all traffic
D. cyberthreat protection - ANSWER-D
Which three options describe the relationship and interaction between a customer and
SaaS? (Choose three.)
A. subscription service
B. extensive manpower required
C. internet- or application-based
D. complex deployment
E. convenient and economical - ANSWER-ACE
Mobile devices are easy targets for attacks for which two reasons? (Choose two.)
A. They have poor battery-charging capabilities.
B. They use speaker phones.
C. They stay in an always-on, always-present state.
D. They roam in unsecured areas. - ANSWER-CD
,Which path or tool is used by attackers?
A. storage-area networks (SAN)
B. anti-malware update
C. SaaS
D. threat vector - ANSWER-D
Which kind of server is a master server that is designed to listen to individual
compromised endpoints and respond with appropriate attack commands?
A. command and control
B. bot
C. web
D. directory services - ANSWER-A
What type of malware can have multiple control servers distributed all over the world
with multiple fallback options?
A. logic bombs
B. rootkits
C. advanced or modern
D. exploits - ANSWER-C
Which type of malware disables protection software?
A. anti-AV
B. Trojan horse
C. ransomware
D. worm - ANSWER-A
Another term for a bot is a "zombie". (True or False) - ANSWER-T
The spread of unsolicited content to targeted endpoints is known as what?
A. spamming
B. pharming
C. phishing
D. exploiting - ANSWER-A
Which type of attack utilizes many endpoints as bots or attackers in a coordinated effort,
and can be extremely effective in taking down a website or some other publicly
accessible service?
A. Bluetooth
B. adware
C. distributed denial-of-service
D. man-in-the-middle - ANSWER-C
Which Wi-Fi attack intercepts the victim's web traffic, redirects the victim's browser to a
web server that it controls, and serves up whatever content the attacker desires?
A. Evil Twin
, B. SSLstrip
C. Emotet
D. Jasager - ANSWER-B
Which part of APTs indicate that attackers use advanced malware and exploits and
typically also have the skills and resources necessary to develop additional cyberattack
tools and techniques?
A. Secure
B. Persistent
C. Threat
D. Advanced - ANSWER-D
WPA2 includes a function that generates a 256-bit key based on a much shorter
passphrase created by the administrator of the Wi-Fi network and the service set
identifier (SSID) of the AP is used as a salt (random data) for the one-way hash
function. (True or False) - ANSWER-T
Which component of the zero trust conceptual architecture is called a "platform" to
reflect that it is made up of multiple distinct (and potentially distributed) security
technologies that operate as part of a holistic threat protection framework to reduce the
attack surface and correlate information about discovered threats?
A. Management infrastructure
B. Pocket of trust
C. Trust zone
D. Single component - ANSWER-D
Which zero trust deployment method obtains a detailed picture of traffic flows
throughout the network, including where, when, and to what extent specific users are
using specific applications and data resources?
A. Define trust zones
B. Establish trust zones
C. Implement at major access points
D. Listen-only mode - ANSWER-D
The Prisma suite secures public cloud environments, SaaS applications, internet
access, mobile users, and remote locations through a cloud-delivered architecture.
(True or False) - ANSWER-T
Which network device transmits an electronic signal so that wireless devices can
connect to a network?
A. router
B. access point
C. hub
D. switch - ANSWER-B
