Palo Alto Networks Certified Cybersecurity Entry-level Technician PCCET Exam Practice Test

Answer : B

Port hopping is a technique that changes protocols at random during a session to evade detection and analysis by security devices. Port hopping can be used by malware or attackers to communicate with command and control servers or to exfiltrate data. Port hopping makes it difficult to identify and block malicious traffic based on port numbers or signatures.Reference:Port Hopping,Ports Used for Management Functions,Adding a Custom Application/Ports to Security Policy

Answer : D

Cortex XDR breaks the silos of traditional detection and response by natively integrating network, endpoint, and cloud data to stop sophisticated attacks

Answer : A

Ensuring that your cloud resources and SaaS applications are correctly configured and adhere to your organization's security standards from day one is essential to prevent successful attacks. Also, making sure that these applications, and the data they collect and store, are properly protected and compliant is critical to avoid costly fines, a tarnished image, and loss of customer trust. Meeting security standards and maintaining compliant environments at scale, and across SaaS applications, is the new expectation for security teams.

Answer : A

Answer : A

A static routing protocol requires that routes be created and updated manually on a router or other network device. If a static route is down, traffic can't be automatically rerouted unless an alternate route has been configured. Also, if the route is congested, traffic can't be automatically rerouted over the less congested alternate route. Static routing is practical only in very small networks or for very limited, special-case routing scenarios (for example, a destination that's used as a backup route or is reachable only via a single router). However, static routing has low bandwidth requirements (routing information isn't broadcast across the network) and some built-in security (users can route only to destinations that are specified in statically defined routes).

Answer : B, C

A rootkit is a type of malware that enables cyber criminals to gain access to and infiltrate data from machines without being detected.It covers software toolboxes designed to infect computers, give the attacker remote control, and remain hidden for a long period of time1One of the most prominent characteristics of a rootkit is that it cannot be detected by antivirus because of its masking techniques.A rootkit may be able to subvert the software that is intended to find it, such as by hooking system calls, modifying kernel objects, or tampering with the registry2Another prominent characteristic of a rootkit is that it takes control of the operating system. A rootkit may install itself in the kernel or the firmware of the device, giving it the highest level of privilege and access. A rootkit may also replace the bootloader or the BIOS of the machine, making it difficult to remove.A rootkit can use its control over the operating system to launch other malware, such as ransomware, bots, keyloggers, or trojans34Reference:

1: What Is a Rootkit? How to Defend and Stop Them? | Fortinet

2: Rootkit - Wikipedia

3: What Is a Rootkit? -- Microsoft 365

4: What is Rootkit? Attack Definition & Examples - CrowdStrike

Answer : C

A layer 2 switch will break up collision domains but not broadcast domains. To break up broadcast domains you need a Layer 3 switch with vlan capabilities.