All Coursera Quiz Answers

Palo Alto Networks Cloud Security Fundamentals Final Exam Quiz Answers

In this article i am gone to share Coursera Course: Palo Alto Networks Cloud Security Fundamentals Final Exam Quiz Answers with you..

Enroll Link: Palo Alto Networks Cloud Security Fundamentals

About this Course

In this Cloud Security Fundamentals course you will learn basic principles associated with securing the cloud and SaaS-based applications through Secure Access Service Edge architecture and identify concepts required to recognize and potentially mitigate attacks against traditional and hybrid datacenters as well as mission critical infrastructure. The course also demonstrates how to initially setup and configure containers on a docker bridge network and test the container security through the use of vulnerability scans and reports.

 

Also visit: Palo Alto Networks Cloud Security Fundamentals Module 2 to Module 6 Quiz Answers

 

Palo Alto Networks Cloud Security Fundamentals Final Exam Quiz Answers

Question 1)
Which of the following is not a phase of implementing security in virtualized data centers:

  • Consolidating servers across trust levels
  • Consolidating servers within trust levels
  • Selective network security virtualization
  • Implementing a static and flat computing fabric

Question 2)
Data that moves in and out of the virtualized environment from the host network or a corresponding traditional data center is also known as:

  • North-South
  • Unknown
  • North-East
  • East-West

Question 3)
Intra-VM traffic is also known as:

  • North-South
  • Unknown
  • North-East
  • East-West

Question 4)
The first phase of implementing security in virtualized data centers consists of:

  • Consolidating servers across trust levels
  • Consolidating servers within trust levels
  • Selectively virtualizing network security functions
  • Implementing a dynamic computing fabric

Question 5)
An added benefit of using virtual firewalls for east-west protection is the unprecedented traffic and threat visibility that the virtualized security device can now provide.

  • True
  • False

Question 6)
Which of the 4 Cs of cloud native security provides the trusted computing base for a Kubernetes cluster. If the cluster is built on a foundation that is inherently vulnerable or configured with poor security controls, then the other layers cannot be properly secured.

  • Clusters
  • Containers
  • Code
  • Cloud

Question 7)
Development and Operations teams meet regularly, share analytics, and co-own projects from beginning to end.

  • True
  • False

Question 8)
The Cloud Native Computing Foundation (CNCF) Kubernetes project defines a container security model for Kubernetes in the context of cloud native security. This model is referred to as โ€œthe 4 Cโ€™s of Cloud Native securityโ€.

  • True
  • False

Question 9)
The CI/CD pipeline integrates Development and Operations teams to improve productivity by automating infrastructure and workflows as well as continuously measuring application performance.

  • True
  • False

Question 10)
Ensuring your cloud resources and SaaS applications are correctly configured and adhere to your organizationโ€™s security standards from day one is essential to prevent successful attacks.

  • True
  • False

Question 11)
The term โ€œcloud nativeโ€ refers to an approach to building and running applications that takes full advantage of a cloud computing delivery model instead of an on-premises data center.

  • True
  • False

Question 12)
Which platform provides all three cloud native characteristics by default and, while assembled from many more generic components, are highly optimized for container workloads.

  • Serverless
  • Container as a Service
  • Thin VMs
  • On-Demand Containers

Question 13)
Which cloud native technology balances separation, excellent compatibility with existing apps, and a high degree of operational control with good density potential and easy integration into software development flows.

  • Thin VMs
  • Serverless
  • Containers
  • CaaS

Question 14)
In which cloud native technology do applications rely on managed services that abstract away the need to manage, patch, and secure infrastructure and virtual machines.

  • Serverless
  • Thin VMs
  • Containers
  • CaaS

Question 15)
Which consideration is not associated with secure virtualization?

  • Dormant VMs
  • Hypervisor Sprawl
  • Hypervisor Vulnerabilities
  • Intra-VM Communication

Question 16)
A hypervisor allows multiple, virtual (โ€œguestโ€:operating systems to run concurrently on a single physical host computer.

  • True
  • False

Question 17)
In the serverless model, applications rely on managed services that abstract away the need to manage, patch, and secure infrastructure and virtual machines.

  • True
  • False

Question 18)
The benefit of moving toward a cloud computing model is that it improves operational efficiencies and lowers capital expenditures.

  • True
  • False

Question 19)
Which cloud computing deployment model is used exclusively by a single organization?

  • Private
  • Community
  • Public
  • Hybrid

Question 20)
Which cloud computing service model is not defined by NIST?

  • Software as a Service (SaaS)
  • Infrastructure as a Service (IaaS)
  • Desktop as a Service (DaaS)
  • Platform as a Service (PaaS)

Question 21)
The cloud computing service model in which a providerโ€™s applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure is known as:

  • Infrastructure as a Service (IAAS)
  • Software as a Service (SAAS)
  • Platform as a Service (PAAS)
  • Identity as a Service (IDAAS)

Question 22)
Which cloud deployment model is bound by standardized or proprietary technology that enables data and application portability (for example, fail over to a secondary data center for disaster recovery or content delivery networks across multiple clouds)?

  • Public
  • Community
  • Private
  • Hybrid

Question 23)
Platform as a Service – PaaS โ€“ is best described as:

  • An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
  • An underlying network infrastructure that virtualizes physical computing resources, data partitioning, scaling, security, backup.
  • A licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.

Question 24)
Which security-as-a-service layer in Prisma Access SASE capability provides visibility into SaaS application usage, understands where their sensitive data resides, enforces company policies for user access, and protects their data from hackers.

  • Threat Prevention
  • Data Loss Prevention – DLP
  • Cloud Access Security Broker – CASB
  • Secure Web Gateway – SWG

Question 25)
Select the Prisma Cloud capability that decouples workload identity from IP addresses, leverages tags and metadata to assign a logical identity to applications and workloads, and then uses it to enforce ID-based micro-segmentation and security policies that adapt to your dynamic environments.

  • Identity and access management – IAM – security
  • UEBA
  • Access management
  • Machine identity

Question 26)
Which Prisma Access SASE capability can be used to block inappropriate content – such as pornography and gambling – or websites that businesses simply donโ€™t want users accessing while at work, such as streaming services like Netflix.

  • Virtual Private Network – VPN
  • Secure Web Gateway – SWG
  • Firewall as a Service – FWaaS
  • Zero Trust Network Access – ZTNA

Question 27)
To safely enable SaaS usage in your organization, start by clearly defining the SaaS applications that should be used and which behaviors within those applications are allowed. Which category of applications are not allowed, then controlling their usage with granular policies.

  • Tolerated
  • Unsanctioned
  • Sanctioned
  • Permitted

Question 28)
Select the type of cybersecurity solution or feature that discovers threats by identifying activity that deviates from a baseline.

  • Software configuration management – SCM
  • User and entity behavior analytics – UEBA
  • Integrated development environment – IDE
  • Dynamic User List – DUL

Question 29)
Prisma SaaS is an inline service, so it doesnโ€™t impact latency, bandwidth, or end-user experience.

  • True
  • False

Question 30)
Sanctioned SaaS applications fulfill a legitimate business need, but certain usage restrictions may be necessary to reduce risk.

  • True
  • False

Question 31)
A cloud access security broker โ€“ CASB – is software that monitors activity and enforces security policies on traffic between an organizationโ€™s users and cloud-based applications and services.

  • True
  • False