PCNSE Terms Flashcards

1
Q

_______________ is a formal, third‐party
proctored certification that indicates that those who have achieved it possess the in‐depth
knowledge to design, install, configure, maintain, and troubleshoot most implementations based
on the Palo Alto Networks platform

A

The Palo Alto Networks Certified Network Security Engineer (PCNSE)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

________________ is organized into three offerings: Strata for enterprise security, Prisma for cloud security, and Cortex for security operations. The following sections describe how they work together to address some of the world’s greatest security challenges.

A

The Palo Alto Networks cybersecurity portfolio

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

______________ prevents attacks with the industry-leading network security suite that enables organizations to embrace network transformation while consistently securing users, applications, and data—no matter where they reside.

A

Strata

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Palo Alto Networks ______________ enable you
to adopt best practices by using application, user, and content-based policies to minimize
opportunities for attack. They are available as physical appliances, virtualized appliances, and
cloud-delivered services–all of which can be managed with Panorama to ensure a consistent
security stance.

A

Machine Learning (ML)–powered Next-Generation Firewalls (NGFWs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Various form factors of a ___________ physical firewall can provide consistent protection for
the entire network perimeter, from the headquarters, data center, and office campus to the branch
offices and mobile and remote workforce. The models available include the PA-220, PA-800,
PA-3200, PA-5200, and PA-7000 Series.

A

PA-Series

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The VM-Series firewalls support the following virtualization environments:

A

● Amazon Web Services
● Cisco ACI
● Citrix NetScaler SDX
● Google CloudPlatform
● Kernel-based Virtual Machine (KVM)
● Microsoft Azure and Microsoft Hyper-V
● OpenStack
● VMware ESXi, VMware NSX, and VMware vCloud Air

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The VM-Series firewalls support the following virtualization environments:

A

● Amazon Web Services
● Cisco ACI
● Citrix NetScaler SDX
● Google CloudPlatform
● Kernel-based Virtual Machine (KVM)
● Microsoft Azure and Microsoft Hyper-V
● OpenStack
● VMware ESXi, VMware NSX, and VMware vCloud Air

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The _____________ of the ML-powered NGFW offers the same level of protection as the PA-Series offerings. Further, it makes it easy to protect both private and public cloud deployments with segmentation and proactive threat prevention.

A

virtualized version/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The _____________ of the ML-powered NGFW offers the same level of protection as the PA-Series offerings. Further, it makes it easy to protect both private and public cloud deployments with segmentation and proactive threat prevention.

A

virtualized version/VM-Series

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The _____________ of the ML-powered NGFW offers the same level of protection as the PA-Series offerings. Further, it makes it easy to protect both private and public cloud deployments with segmentation and proactive threat prevention.

A

virtualized version/VM-Series

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

____________ offers easy-to-implement and centralized management features to gain insights into
network-wide traffic and threats and to administer NGFWs everywhere. ____________ is available in
both appliance and virtual forms.

A

Panorama

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

____________ offers easy-to-implement and centralized management features to gain insights into
network-wide traffic and threats and to administer NGFWs everywhere. ____________ is available in
both appliance and virtual forms.

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

____________ offers easy-to-implement and centralized management features to gain insights into
network-wide traffic and threats and to administer NGFWs everywhere. ____________ is available in
both appliance and virtual forms.

A

Panorama

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Panorama provides the following:

A

● Policy management
● Centralized visibility
● Network security insights
● Automated threat response
● Network security management
● Enterprise-level reporting and administration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

____________ Cloud delivers complete security across the development lifecycle on any cloud, enabling
you to develop cloud-native applications with confidence. The ____________ suite includes ____________ Cloud, ____________ Access Secure Access Service Edge (SASE), ____________ SaaS, and the VM-Series ML-powered
NGFWs.

A

Prisma

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

___________ is a Cloud Security Posture Management (CSPM) and cloud workload protection
platform that provides comprehensive visibility and threat detection across an organization’s
hybrid, multi-cloud infrastructure.

A

Prisma Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

___________ is a Cloud Security Posture Management (CSPM) and cloud workload protection
platform that provides comprehensive visibility and threat detection across an organization’s
hybrid, multi-cloud infrastructure.

A

Prisma Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

____________ taps into the cloud providers’ APIs for read-only access to network traffic, user activity,
and the configuration of systems and services. Prisma Cloud then correlates these disparate
datasets to help the cloud compliance and security analytics teams to prioritize risks and respond
to issues quickly. Prisma Cloud also uses an agent-based approach to secure the host, container,
and serverless computing environments against vulnerabilities, malware, and compliance
violations.

A

Prisma Cloud

19
Q

The cloud-native security platform provides the following:

A

● Comprehensive, cloud-native security
● Full lifecycle protection
● Protection across any cloud

20
Q

Prisma Cloud secures the following cloud-native infrastructures:

A

● Alibaba Cloud
● Amazon Web Services
● Docker EE
● Google CloudPlatform
● IBM Cloud
● Kubernetes
● Microsoft Azure
● Rancher
● Red Hat OpenShift
● VMware Tanzu

21
Q

Global expansion, mobile workforces, and cloud computing are changing the ways that
organizations use to implement and deploy applications. ___________ provides the protection
organizations need, where they need it. ____________ delivers a SASE (Secure Access Service Edge)
that provides globally distributed networking and security to all users and applications in the
organization.

A

Prisma Access,

22
Q

Global expansion, mobile workforces, and cloud computing are changing the ways that
organizations use to implement and deploy applications. ___________ provides the protection
organizations need, where they need it. ____________ delivers a _______________ that provides globally distributed networking and security to all users and applications in the organization.

A

Prisma Access, SASE (Secure Access Service Edge)

23
Q

_____________ converges the capabilities of wide area networks (WANs) with network security to support the
needs of the digital enterprise. These disparate networks and security services include
software-defined wide area networks (SD-WANs), secure web gateways, cloud access security brokers (CASBs), software-defined perimeters, Domain Name System (DNS) protection, and firewall
as a service.

A

SASE

24
Q

_____________ converges the capabilities of wide area networks (WANs) with network security to support the
needs of the digital enterprise. These disparate networks and security services include
software-defined wide area networks (SD-WANs), secure web gateways, cloud access security brokers (CASBs), software-defined perimeters, Domain Name System (DNS) protection, and firewall
as a service.

A

SASE

25
Q

____________ (formerly known as Aperture) is a multimode CASB service that allows you to govern
any sanctioned software as a service (SaaS) application use across all the users in your organization—and
prevent risk from breaches and noncompliance. The service enables you to discover and classify data stored across supported SaaS applications, protect sensitive data from accidental exposure, identify and protect against known and unknown malware, and perform user activity monitoring to identify potential misuse or data exfiltration.

A

Prisma SaaS

26
Q

_____________ delivers complete visibility and granular enforcement across all user, folder, and file activity within the sanctioned
SaaS applications.

A

Prisma SaaS

27
Q

___________ is the industry’s most comprehensive product suite for security operations, empowering
enterprises with best-in-class detection, investigation, automation, and response capabilities.

A

Cortex

28
Q

The Cortex product suite includes…

A

Cortex XDR, Cortex X SOAR, Cortex Data Lake, and AutoFocus.

29
Q

_____________ is the industry’s first extended detection and response platform that runs on integrated endpoint, network, and cloud data to reduce noise and focus on real threats. This platform provides complete visibility over network traffic, user behavior, and endpoint activity. It simplifies threat investigations by correlating logs from sensors to reveal threats and their timelines, which enables you to identify the root cause of every alert easily.

A

Cortex XDR

30
Q

_____________ is the industry’s first extended detection and response platform that runs on integrated endpoint, network, and cloud data to reduce noise and focus on real threats. This platform provides complete visibility over network traffic, user behavior, and endpoint activity. It simplifies threat investigations by correlating logs from sensors to reveal threats and their timelines, which enables you to identify the root cause of every alert easily.

A

Cortex XDR

31
Q

__________ also allows you to perform immediate
response actions. Finally, to stop future attacks, you can proactively define indicators of compromise
(IOCs) and behavioral indicators of compromise (BIOCs) to detect and respond to malicious activity.
The following diagram depicts the __________ architecture.

A

Cortex XDR

32
Q

__________ also allows you to perform immediate
response actions. Finally, to stop future attacks, you can proactively define indicators of compromise
(IOCs) and behavioral indicators of compromise (BIOCs) to detect and respond to malicious activity.
The following diagram depicts the __________ architecture.

A

Cortex XDR

33
Q

____________ is the industry’s first extended Security Orchestration, Automation, and Response
(SOAR) platform with native threat intelligence management. The SOAR technology can automate
up to ____ percent of all of the response actions that require human review, thus allowing overloaded
security teams to focus on more crucial tasks.

A

Cortex XSOAR, 95

34
Q

___________ integrates with a wide variety of
products to provide enhanced automation and response across processes. The following illustration
depicts the ____________ architecture, with its engine in the center, information sources on the
left, and potential consumers on the right.

A

Cortex XSOAR

35
Q

____________ enables you to easily collect large volumes of log data so that innovative applications can gain insight from the organization’s environment. You can simplify log infrastructure, automate log management, and use your data to prevent attacks more effectively.

A

Cortex Data Lake

36
Q

Radically simplify security operations by collecting, integrating, and normalizing the organization’s security data

A

Cortex Data Lake

37
Q

Radically simplify security operations by collecting, integrating, and normalizing the
organization’s security data

A
38
Q

Effortlessly run advanced artificial intelligence and ML with cloud-scale data

A
39
Q

Constantly learn from new data sources to evolve defenses

A
40
Q

Effortlessly run advanced artificial intelligence and ML with cloud-scale data

A

Cortex Data Lake

41
Q

Constantly learn from new data sources to evolve defenses

A

Cortex Data Lake

42
Q

Palo Alto Networks ML-powered NGFWs are ________-based. __________ designate a network segment in
which all the nodes—users, data centers, demilitarized zone (DMZ) servers, and remote
users—share similar network security requirements. The firewall security model is based on
evaluating traffic as it passes from one __________ to another.

A

Security Zones

43
Q

zones act as a logical way to group
physical and virtual interfaces. Zones are required to control and log the traffic that traverses the
interfaces. All the defined interfaces should be assigned a zone that marks all of the traffic coming
to or from the interface. Zones are defined for specific interface types—Tap, virtual wire, Layer 2, or
Layer 3—and can be assigned to multiple interfaces of the same type only. An interface can be
assigned only to a single zone, but a zone can contain multiple interfaces.

A