Coursera Answers

Palo Alto Networks Cloud Security Fundamentals Quiz Answers

by Niyander

In this article i am gone to share Coursera Course: Palo Alto Networks Cloud Security Fundamentals Quiz Answers with you..

Enroll Link: Palo Alto Networks Cloud Security Fundamentals

About this Course

In this Cloud Security Fundamentals course you will learn basic principles associated with securing the cloud and SaaS-based applications through Secure Access Service Edge architecture and identify concepts required to recognize and potentially mitigate attacks against traditional and hybrid datacenters as well as mission critical infrastructure. The course also demonstrates how to initially setup and configure containers on a docker bridge network and test the container security through the use of vulnerability scans and reports.

 

Palo Alto Networks Cloud Security Fundamentals Module 2 Quiz Answers

Question 1)
The benefit of moving toward a cloud computing model is that it improves operational efficiencies and lowers capital expenditures.

  • True
  • False

Question 2)
Which cloud computing deployment model is used exclusively by a single organization?

  • Private
  • Community
  • Public
  • Hybrid

Question 3)
Which cloud computing service model is not defined by NIST?

  • Software as a Service (SaaS)
  • Infrastructure as a Service (IaaS)
  • Desktop as a Service (DaaS)
  • Platform as a Service (PaaS)

Question 4)
The cloud computing service model in which a provider’s applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure is known as:

  • Infrastructure as a Service (IAAS)
  • Software as a Service (SAAS)
  • Platform as a Service (PAAS)
  • Identity as a Service (IDAAS)

Question 5)
Which cloud deployment model is bound by standardized or proprietary technology that enables data and application portability (for example, fail over to a secondary data center for disaster recovery or content delivery networks across multiple clouds)?

  • Public
  • Community
  • Private
  • Hybrid

Question 6)
Platform as a Service – PaaS – is best described as:

  • An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
  • An underlying network infrastructure that virtualizes physical computing resources, data partitioning, scaling, security, backup.
  • A licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.

 

Palo Alto Networks Cloud Security Fundamentals Module 3 Quiz Answers

Question 1)
Which platform provides all three cloud native characteristics by default and, while assembled from many more generic components, are highly optimized for container workloads.

  • Serverless
  • Container as a Service
  • Thin VMs
  • On-Demand Containers

Question 2)
Which cloud native technology balances separation, excellent compatibility with existing apps, and a high degree of operational control with good density potential and easy integration into software development flows.

  • Thin VMs
  • Serverless
  • Containers
  • CaaS

Question 3)
In which cloud native technology do applications rely on managed services that abstract away the need to manage, patch, and secure infrastructure and virtual machines.

  • Serverless
  • Thin VMs
  • Containers
  • CaaS

Question 4)
Which consideration is not associated with secure virtualization?

  • Dormant VMs
  • Hypervisor Sprawl
  • Hypervisor Vulnerabilities
  • Intra-VM Communication

Question 5)
A hypervisor allows multiple, virtual (“guest”:operating systems to run concurrently on a single physical host computer.

  • True
  • False

Question 6)
In the serverless model, applications rely on managed services that abstract away the need to manage, patch, and secure infrastructure and virtual machines.

  • True
  • False

 

Palo Alto Networks Cloud Security Fundamentals Module 4 Quiz Answers

Question 1)
Which of the 4 Cs of cloud native security provides the trusted computing base for a Kubernetes cluster. If the cluster is built on a foundation that is inherently vulnerable or configured with poor security controls, then the other layers cannot be properly secured.

  • Clusters
  • Containers
  • Code
  • Cloud

Question 2)
DevSecOps, Development and Operations, teams meet regularly, share analytics, and co-own projects from beginning to end.

  • True
  • False

Question 3)
The Cloud Native Computing Foundation (CNCF) Kubernetes project defines a container security model for Kubernetes in the context of cloud native security. This model is referred to as “the 4 C’s of Cloud Native security”.

  • True
  • False

Question 4)
The CI/CD pipeline integrates Development and Operations teams to improve productivity by automating infrastructure and workflows as well as continuously measuring application performance.

  • True
  • False

Question 5)
Ensuring your cloud resources and SaaS applications are correctly configured and adhere to your organization’s security standards from day one is essential to prevent successful attacks.

  • True
  • False

Question 6)
The term “cloud native” refers to an approach to building and running applications that takes full advantage of a cloud computing delivery model instead of an on-premises data center.

  • True
  • False

 

Palo Alto Networks Cloud Security Fundamentals Module 5 Quiz Answers

Question 1)
Which of the following is not a phase of implementing security in virtualized data centers:

  • Consolidating servers across trust levels
  • Consolidating servers within trust levels
  • Selective network security virtualization
  • Implementing a static and flat computing fabric

Question 2)
Data that moves in and out of the virtualized environment from the host network or a corresponding traditional data center is also known as:

  • North-South
  • Unknown
  • North-East
  • East-West

Question 3)
Intra-VM traffic is also known as:

  • North-South
  • Unknown
  • North-East
  • East-West

Question 4)
The first phase of implementing security in virtualized data centers consists of:

  • Consolidating servers across trust levels
  • Consolidating servers within trust levels
  • Selectively virtualizing network security functions
  • Implementing a dynamic computing fabric

Question 5)
An added benefit of using virtual firewalls for east-west protection is the unprecedented traffic and threat visibility that the virtualized security device can now provide.

  • True
  • False

 

Palo Alto Networks Cloud Security Fundamentals Module 6 Quiz Answers

Question 1)
Which security-as-a-service layer in Prisma Access SASE capability provides visibility into SaaS application usage, understands where their sensitive data resides, enforces company policies for user access, and protects their data from hackers.

  • Threat Prevention
  • Data Loss Prevention – DLP
  • Cloud Access Security Broker – CASB
  • Secure Web Gateway – SWG

Question 2)
Select the Prisma Cloud capability that decouples workload identity from IP addresses, leverages tags and metadata to assign a logical identity to applications and workloads, and then uses it to enforce ID-based micro-segmentation and security policies that adapt to your dynamic environments.

  • Identity and access management – IAM – security
  • UEBA
  • Access management
  • Machine identity

Question 3)
Which Prisma Access SASE capability can be used to block inappropriate content – such as pornography and gambling – or websites that businesses simply don’t want users accessing while at work, such as streaming services like Netflix.

  • Virtual Private Network – VPN
  • Secure Web Gateway – SWG
  • Software as a Service – SaaS
  • Zero Trust Network Access – ZTNA

Question 4)
To safely enable SaaS usage in your organization, start by clearly defining the SaaS applications that should be used and which behaviors within those applications are allowed. Which category of applications are not allowed by default, but still can be controlled with granular policies?

  • Tolerated
  • Unsanctioned
  • Sanctioned
  • Permitted

Question 5)
Select the type of cybersecurity solution or feature that discovers threats by identifying activity that deviates from a baseline.

  • Software configuration management – SCM
  • User and entity behavior analytics – UEBA
  • Integrated development environment – IDE
  • Dynamic User List – DUL

Question 6)
Prisma SaaS is an inline service, so it doesn’t impact latency, bandwidth, or end-user experience.

  • True
  • False

Question 7)
Sanctioned SaaS applications fulfill a legitimate business need, but certain usage restrictions may be necessary to reduce risk.

  • True
  • False

Question 8)
A cloud access security broker – CASB – is software that monitors activity and enforces security policies on traffic between an organization’s users and cloud-based applications and services.

  • True
  • False

Also visit: Palo Alto Networks Cloud Security Fundamentals Final Exam Quiz Answers