Lecture 10 Pt. 4

Question 1

What does NGFW stand for?

Answer 1

Next Generation Firewall

NGFW provides advanced security features beyond traditional firewalls.

Question 2

What is the primary purpose of Threat Prevention in NGFW?

Answer 2

To challenge today’s threat landscape using a multi-layered defense approach.

Question 3

Name two vendors that offer NGFW solutions.

Answer 3

• Palo Alto
• Checkpoint

Question 4

What integrated service does Palo Alto’s NGFW provide?

Answer 4

Integrated threat prevention services.

Question 5

What key feature does Palo Alto’s WildFire provide?

Answer 5

Cloud-based malware analysis.

Question 6

True or False: Palo Alto’s threat prevention relies solely on predefined ports.

Answer 6

False

Question 7

What technology does Palo Alto use to identify and add context to all traffic?

Answer 7

• User-ID
• App-ID

Question 8

What type of attacks does Palo Alto Networks Advanced Threat Prevention aim to stop?

Answer 8

Zero-day attacks.

Question 9

What is the function of Palo Alto’s WildFire in terms of malware prevention?

Answer 9

Addresses zero-day threats through dynamic and static analysis.

Question 10

Fill in the blank: Palo Alto Networks generates all native signatures _______.

Answer 10

[in-house]

Question 11

What does Advanced Threat Prevention utilize for blocking evasive and unknown exploits?

Answer 11

Purpose-built deep-learning and machine-learning models.

Question 12

What is the difference between Threat Prevention and Advanced Threat Prevention?

Answer 12

Advanced Threat Prevention includes additional features like deep-learning models.

Question 13

What types of traffic does Advanced Threat Prevention protect?

Answer 13

• Web traffic
• Non-web traffic
• Encrypted content

Question 14

What is the nature of commodity threats?

Answer 14

Less sophisticated and easier to detect.

Question 15

What are advanced persistent threats (APTs) commonly targeting?

Answer 15

• Intellectual property theft
• Financial data theft

Question 16

What detection mechanisms does the Palo Alto next-generation firewall include?

Answer 16

• Signature-based
• Heuristics-based
• Sandbox-based
• Layer 7 protocol analysis-based

Question 17

What is the update frequency for protections when deployed with WildFire?

Answer 17

Every five minutes.

Question 18

What does Palo Alto Networks’ Threat Prevention prevent?

Answer 18

• Vulnerability exploits
• Malware
• Botnets

Question 19

True or False: Palo Alto’s Threat Prevention can integrate with third-party solutions.

Answer 19

True

Question 20

How does Palo Alto’s IPS signature differ from legacy security devices?

Answer 20

It covers vulnerabilities per profile rather than relying solely on ports.

Question 21

What type of forensics does Palo Alto’s Threat Prevention provide?

Answer 21

Actionable, correlated forensics.