Palo Alto Networks Security Operations Fundamentals Final Exam Quiz Answers

In this article I am going to share the Coursera course Palo Alto Networks Security Operations Fundamentals Final Exam quiz answers with you.

Enroll Link: Palo Alto Networks Security Operations Fundamentals

About this Course

In this Security Operations Fundamentals course you will gain an understanding of Security Operations (SecOps) and the role it plays in protecting our digital way of life, for businesses and customers. You will focus on continuous improvement processes to collect high-fidelity intelligence, contextual data, and automated prevention workflows that quickly identify and respond to fast-evolving threats. The course also demonstrates how to leverage automation to reduce strain on analysts and execute the Security Operation Center's (SOC) mission to identify, investigate, and mitigate threats.


Also visit: Palo Alto Networks Security Operations Fundamentals Quiz Answers


Palo Alto Networks Security Operations Fundamentals Final Exam Quiz Answers

Question 1)
Which SecOps Investigate function provides the data needed to perform the different types of investigation from severity triage to detailed analysis and hunting?

  • Forensics and Telemetry
  • Detailed Analysis
  • Breach Response
  • Change Control

Question 2)
Which SecOp element includes capabilities needed to provide visibility and enable people?

  • Technology
  • Processes
  • People
  • Interfaces

Question 3)
Which SecOps Improve function is rooted in revisiting prior incidents and asking how these incidents can be better prevented or mitigated in the future?

  • Quality Review
  • Process Improvement
  • Tuning
  • Capability Improvement

Question 4)
Which type of SecOps gathered data includes the complete contents of an item, without change or modification?

  • Event
  • Alert
  • Telemetry
  • Forensic

Question 5)
Which SecOps element includes external functions to help achieve goals?

  • Business
  • People
  • Interfaces
  • Visibility

Question 6)
Which main function of SecOps stops the attack?

  • Identify
  • Mitigate
  • Investigate
  • Improve

Question 7)
Which SecOps Identify function defines the event prioritization based on impact to the business to help guide the analyst's actions through the incident response lifecycle?

  • Escalation Process
  • Initial Research
  • Content Engineering
  • Severity Triage

Question 8)
SecOps content engineering is the function that builds alerting profiles which identify the alerts that will be forwarded for investigation.

  • True
  • False

Question 9)
Which SOC feature helps ensure consistency through machine-driven responses to security issues?

  • Automation
  • EDR
  • Threat Intelligence
  • DLP

Question 10)
Which SOC team is responsible for the implementation and ongoing maintenance of the SecOps team's tools, including the SIEM and analysis tools?

  • Engineering
  • Security
  • Operations
  • Development

Question 11)
Which SOC infrastructure tool is used as a central repository to ingest logs from all corporate-owned systems, and collects and processes audit trails, activity logs, security alarms, telemetry, metadata, and other historical or observational data from a variety of different applications, systems, and networks in an enterprise?

  • Analysis
  • SIEM
  • Engineering
  • Orchestration

Question 12)
Which SOC function allows for accelerated incident response through the execution of standardized and automated playbooks that work upon inputs from security technology and other data flows?

  • SIEM
  • EDR
  • SOAR
  • DLP

Question 13)
Which SOC tool allows an organization to define incident analysis and response procedures in a digital workflow format?

  • DLP
  • SOAR
  • EDR
  • SIEM

Question 14)
Security Operations infrastructure includes a security information and event management (SIEM) platform, analysis tools, and SOC engineering.

  • True
  • False

Question 15)
SecOps engineering tools are often based on machine learning, deep learning, and artificial intelligence, and provide either stand-alone, embedded, or add-on functionality to detect evidence of a security compromise.

  • True
  • False

Question 16)
SOC playbooks coordinate across technologies, security teams, and external users for centralized data visibility and action.

  • True
  • False

Question 17)
Which Cortex XDR WildFire analysis technique detonates previously unknown submissions in a custom-built, evasion-resistant virtual environment to determine real-world effects and behavior?

  • Static
  • Dynamic
  • Virtual
  • Bare-Metal

Question 18)
Which Cortex XDR component is designed to minimize the operational challenges associated with protecting your endpoints?

  • Management Console
  • Endpoint Agent
  • Data Lake
  • Malware Prevention

Question 19)
Which remediation endpoint action disables all network access on compromised endpoints except for traffic to the Cortex XDR management console, preventing these endpoints from communicating with and potentially infecting other endpoints?

  • Terminate Processes
  • Isolate Endpoints
  • Block Executions
  • Quarantine Files

Question 20)
Before a file runs, the Cortex XDR agent queries WildFire with the hash of any Windows, macOS, or Linux executable file, as well as any dynamic link library (DLL) or Office macro, to assess its standing within the global threat community. WildFire returns a near-instantaneous verdict on whether a file is malicious or benign.

  • True
  • False

Question 21)
In addition to third-party feeds, Cortex XDR uses the intelligence obtained from tens of thousands of subscribers to the Palo Alto Networks WildFire malware prevention service to continuously aggregate threat data and maintain the collective immunity of all users across endpoints, networks, and cloud applications.

  • True
  • False

Question 22)
The Cortex XDR agent uses multiple methods, such as local analysis, WildFire inspection and analysis, Gatekeeper enhancements, trusted publisher identification, and administrator override policies, to block malware on macOS systems.

  • True
  • False

Question 23)
Select the open-source application that streamlines the aggregation, enforcement, and sharing of threat intelligence.

  • MineMeld
  • AutoFocus
  • WildFire
  • NGFW

Question 24)
Which three options are threat intelligence sources for AutoFocus?
A. WildFire
B. URL Filtering with PAN-DB Service
C. Unit 42 Threat Intelligence and Research Team
D. Third-Party Intrusion Prevention Systems

  • A,B,D
  • A,B,C
  • B,C,D
  • A,C,D

Question 25)
AutoFocus is an optional module that can be added to Next Generation Firewalls.

  • True
  • False

Question 26)
AutoFocus allows you to build sophisticated multilayer searches at the host and network-based artifact levels, and target your search within industry, time period, and other filters. These searches allow you to make previously unknown connections between attacks and plan your incident response actions accordingly.

  • True
  • False

Question 27)
AutoFocus makes over a billion samples and sessions, including billions of artifacts, immediately actionable for security analysis and response efforts.

  • True
  • False

Question 28)
MineMeld allows you to aggregate threat intelligence across public, private, and commercial intelligence sources, including between government and commercial organizations.

  • True
  • False

Question 29)
Which element of SecOps provides information needed to accomplish goals?

  • Business
  • People
  • Interfaces
  • Visibility

Question 30)
Cortex is a one-stop shop for SecOps, solving all key challenges in a more efficient way with higher security outcomes.

  • True
  • False

Question 31)
Cortex Data Lake unifies case management, automation, real-time collaboration, and native threat intel management in the industry's first extended security orchestration, automation, and response (SOAR) offering.

  • True
  • False