Term
| What are the five steps to a Zero Trust Network |
|
Definition
1. Define your protect surface
2. Map the transaction flows
3. Architect a Zero Trust Network
4. Create the Zero Trust policy
5. Monitor and maintain the network |
|
|
Term
|
Definition
|
|
Term
|
Definition
| protected health information |
|
|
Term
|
Definition
| personally identifiable information |
|
|
Term
|
Definition
|
|
Term
|
Definition
| data, application, assets or services |
|
|
Term
| What is a well-defined set of rules that include the following: subjects, objects, actions, permissions & protections. |
|
Definition
|
|
Term
| What is an abstraction that provides a conceptual language for administrators to specify security policies |
|
Definition
|
|
Term
|
Definition
| discretionary access control |
|
|
Term
What refers to a scheme where users are given the ability to determine the permissions governing access to their own files? |
|
Definition
| discretionary access control |
|
|
Term
| What is a more restrictive scheme that does not allow users to define permissions on files, regardless of ownership. Instead, security decisions are made by a central policy administrator. |
|
Definition
|
|
Term
| What is a formal framework for specifying security policy in a precise language, which is usually a type of logic or programming language, together with a mechanism for ensuring that the specified policy is enforced. |
|
Definition
|
|
Term
| A trust management system consists of two main components: |
|
Definition
a policy language
a compliance checker |
|
|
Term
| A trust management system typically has rules describing what 4 things: |
|
Definition
| actions, principals, policies and credentials |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| intrusion detection system |
|
|
Term
|
Definition
| intrusion prevention system |
|
|
Term
|
Definition
|
|
Term
| A fully integrated system of components and services, including a partner ecosystem, that delivers consistent security across the network, endpoints, and cloud. |
|
Definition
| security operating platform |
|
|
Term
| what three key components make up the security operating platform? |
|
Definition
network security
advanced endpoint protection
cloud security |
|
|
Term
| what essential functional capabilities within an effective NGFW allow complete visibility? |
|
Definition
application identification
user identification
content identification |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| a network filter that allows administrators to restrict access to external content from within a network is known as what? |
|
Definition
|
|
Term
| within TCP is an object known as what, which is the piece of the system that manages access controls? |
|
Definition
|
|
Term
| the process of adjusting an IDPS to maximize its efficiency in detecting true positives while minimizing false positives and false negatives is known as what? |
|
Definition
|
|
Term
| the commonly used name for an intermediate area between a trusted network and an untrusted network is what? |
|
Definition
|
|
Term
| which type of firewall filtering allows the firewall to react to an emergent event and update or create rules to deal with the event? |
|
Definition
|
|
Term
| T or F: a wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network. |
|
Definition
|
|
Term
| the method by which systems determine whether and how to admit a user into a trusted area of the organization is known as what? |
|
Definition
|
|
Term
| T or F: signature-based IDPS technology is widely used because many attacks have clear and distinct signatures |
|
Definition
|
|
Term
| what term is used to describe decoy systems designed to lure potential attackers away from critical systems? |
|
Definition
|
|
Term
| T or F: the authentication factor "something a supplicant has" relies upon individual characteristics, such as fingerprints, palm prints, hand topography, hand geometry, or retina and iris scans. |
|
Definition
|
|
Term
| a set of day-one, next-generation firewall configuration templates for PAN-OS that are based on security best practice recommendations |
|
Definition
|
|
Term
| which PA series firewall brings next-generation firewall capabilities to distributed enterprise branch offices, retail locations, and midsize businesses in a small form factor |
|
Definition
|
|
Term
| which palo alto networks NGFW report can be created and scheduled to show exactly the information you want to see by filtering on conditions and columns to include. You can also include query builders for more specific details in report data. |
|
Definition
|
|
Term
| which palo alto networks NGFW logs display entries for the security rules that help prevent sensitive information such as credit card numbers from leaving the area that the firewall protects? |
|
Definition
|
|
Term
| which security operating platform capability supports a coordinated security platform that accounts for the full scope of an attack, across the various security controls that compose the security posture. This allows organizations to quickly identify and block known threats |
|
Definition
| prevent all known threats, fast |
|
|
Term
| which content-id filtering capability controls the transfer of sensitive data patterns such as credit card and social security numbers in application content and attachments? |
|
Definition
|
|
Term
| what is an intrusion prevention feature that protects networks from all types of vulnerability exploits, buffer overflows, DoS attacks, and port scans that lead to the compromise of confidential and sensitive enterprise information |
|
Definition
|
|
Term
| on the NGFW, which type of user-id technique can be configured to probe microsoft windows servers for active network sessions of a user? |
|
Definition
|
|
Term
| which application identification technique determines whether the initially detected application protocol is the "real one" or if it is being used as a tunnel to hide the actual application |
|
Definition
|
|
Term
| what feature of the NGFW integrates multiple threat prevention disciplines (IPS, anti-malware, URL filtering, etc) into a single stream-based engine with a uniform signature format |
|
Definition
|
|
Term
which key capability is this of the security operating platform:
to understand the full context of an attack, visibility of all users and devices is provided across the organization's network, endpoint, cloud, and SaaS applications |
|
Definition
|
|
Term
which key capability is this of the security operating platform:
best-of-breed technologies that are natively integrated provide a prevention architecture that inherently reduces the attack surface. This type of architecture allows organizations to exert positive control based on applications, users, and content, with support for open communication, orchestration, and visibility |
|
Definition
| reduce the attack surface |
|
|
Term
which key capability is this of the security operating platform:
a coordinated security platform accounts for the full scope of an attack, across the various security controls that compose the security posture. This allows organizations to quickly identify and block known threats. |
|
Definition
| prevent all known threats, fast |
|
|
Term
which key capability is this of the security operating platform:
building security that simply detects threats and requires a manual response is too little, too late. Automated creation and delivery of near-real-time protections against new threats to the various security solutions in the organization's environments enable dynamic policy updates. These updates are designed to allow enterprises to scale defenses with technology, rather than people. |
|
Definition
| detect and prevent new, unknown threats with automation |
|
|
Term
| what is a tightly integrated system of components and services, including a partner ecosystem, that delivers consistent security across the network, endpoints, and cloud |
|
Definition
| security operating platform |
|
|
Term
| what are the 3 key components of the security operating platform |
|
Definition
network security
advanced endpoint protection
cloud security |
|
|
Term
what is the key security operating platform element here:
the foundation of the security operating platform available in physical, virtual and cloud-delivered deployment options to provide consistent protection wherever your data and apps reside |
|
Definition
|
|
Term
what is the key security operating platform element here:
add-on enhanced threat services and ngfw capabilities, including DNS security, URL filtering, threat prevention, and wildfire malware prevention |
|
Definition
|
|
Term
what is the key security operating platform element here:
provides centralized network security management, simplifying administration while delivering comprehensive controls and deep visibility into network-wide traffic and security threats |
|
Definition
|
|
Term
what is the essential function capability in an effective ngfw described here:
accurately identify applications regardless of port, protocol, evasive techniques, or encryption. Provide visibility of applications and granular policy-based control over applications, including individual application functions |
|
Definition
| application identification |
|
|
Term
what is the essential function capability in an effective ngfw described here:
accurately identify users and subsequently use identity information as an attribute for policy control |
|
Definition
|
|
Term
what is the essential function capability in an effective ngfw described here:
control traffic based on complete analysis of all allowed traffic, using multiple threat prevention and data loss prevention techniques in a single-pass architecture that fully integrates all security functions |
|
Definition
|
|
Term
|
Definition
| internet protocol security |
|
|
Term
|
Definition
| advanced encryption standard |
|
|
Term
|
Definition
| generic routing encapsulation |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| triple data encryption standard |
|
|
Term
|
Definition
| public key infrastructure |
|
|
Term
| the simplest kind of encryption that involves only one secret key to cipher and decipher information |
|
Definition
|
|
Term
| public key cryptography which uses two keys to encrypt plain text |
|
Definition
|
|
Term
| used in conjunction with an algorithm to create ciphertext from plaintext |
|
Definition
|
|
Term
| process of making and using codes to secure the transmissions of information |
|
Definition
|
|
Term
| the science of encryption |
|
Definition
|
|
Term
| hybrid cryptosystem that has become the open-source de facto standard for encryption and authentication of email and file storage applications |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| advanced encryption standard |
|
|
Term
| what encryption replaced DES |
|
Definition
|
|
Term
developed by IBM in early 1970s
first modern symmetric cipher
general structure still used |
|
Definition
|
|
Term
| what kind of cipher is DES |
|
Definition
|
|
Term
| initially created as a replacement for DES |
|
Definition
|
|
Term
block cipher that works on 128-bit blocks
selected as replacement for DES |
|
Definition
|
|
Term
| also known as Rijndael block cipher |
|
Definition
|
|
Term
| most widely used symmetric cipher |
|
Definition
|
|
Term
a symmetric block cipher
designed in 1993 by Bruce Schneier
noncommercial product |
|
Definition
|
|
Term
a stream cipher
developed by Ron Rivest
more than one version |
|
Definition
|
|
Term
a block cipher
substitution-permutation network like AES
all operations executed in parallel |
|
Definition
|
|
Term
developed by National Security Agency (NSA)
process was highly controversial
unbalanced Feistel network |
|
Definition
|
|
Term
|
Definition
|
|
Term
| most basic encryption mode |
|
Definition
|
|
Term
|
Definition
|
|
Term
| mathematical function that condenses data to a fixed size |
|
Definition
|
|
Term
|
Definition
|
|
Term
| Secure Access Service Edge |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| software-defined wide-area network |
|
|
Term
|
Definition
| zero trust network access |
|
|
Term
|
Definition
|
|
Term
|
Definition
| secure access service edge |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| cloud access security broker |
|
|
Term
|
Definition
| allowed and provided by IT |
|
|
Term
|
Definition
| allowed because of a legitimate business need, with restrictions, but not provided by IT |
|
|
Term
|
Definition
| not allowed then controlling their usage with granular policies |
|
|
Term
|
Definition
| information access & protection |
|
|
Term
|
Definition
| cloud-native security platform |
|
|
Term
|
Definition
| continuous integration/continuous delivery |
|
|
Term
| an approach to building & running applications that takes full advantage of a cloud computing delivery model instead of an on-premises data center |
|
Definition
|
|
Term
| What 3 solutions are included in Palo Alto Networks CNSP |
|
Definition
prisma cloud
prisma access
prisma saas |
|
|
Term
| Prisma Cloud rests on what four pillars |
|
Definition
visibility, governance, & compliance
compute security
network protection
identity security |
|
|
Term
|
Definition
| integrated development environment |
|
|
Term
|
Definition
| software configuration management |
|
|
Term
|
Definition
| user and entity behavior analytics |
|
|
Term
| cybersecurity solution or feature that discovers threats by identifying activity that deviates from a baseline |
|
Definition
|
|
Term
| the task of tracking and controlling changes in software |
|
Definition
|
|
Term
| a software application that provides comprehensive tools - such as a source code editor, build automation tools, and a debugger - for application developers |
|
Definition
|
|
Term
|
Definition
| runtime application self-protection |
|
|
Term
| detect attacks against an application in real time |
|
Definition
|
|
Term
|
Definition
| identity and access management |
|
|
Term
| uniquely identifies users & groups in a directory service (i.e., Active Directory), controls what resources those users & groups can access, and what functions they can perform on a resource |
|
Definition
|
|
Term
|
Definition
| multiprotocol label switching |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| security assertion markup language |
|
|
Term
| philosophy developed by Forrester to identify the need to protect data |
|
Definition
| never trust, always verify |
|
|
Term
|
Definition
| software-defined perimeter |
|
|
Term
| security-as-a-service layer in Prisma Access delivers what key capabilities |
|
Definition
dns security
firewall as a service
threat prevention
secure web gateway (swg)
data loss prevention (dlp)
cloud access security broker (casb) |
|
|
Term
|
Definition
|
|
Term
| this provides continuous monitoring of public clouds and helps organizations achieve a continuous state of compliance in their public cloud workloads |
|
Definition
|
|
Term
| GlobalProtect allows secure access from where when enabling of partner or contractor access to protected applications is needed? |
|
Definition
|
|
Term
| t/f - globalprotect provides a vpn solution |
|
Definition
|
|
Term
| t/f - globalprotect gateways direct all client traffic to the appropriate globalprotect portal |
|
Definition
|
|
Term
| what 3 options can be classified as vpn challenges: |
|
Definition
deep packet inspection
analysis of data per regulatory & compliance policies
maintenance & updating of client apps & services |
|
|
Term
| what is the globalprotect dashboard that allows you to use widgets and filters to evaluate & summarize trends related to your mobile devices & compliance status? |
|
Definition
| mobile security manager (MSM) |
|
|
Term
| what are the 3 features of panorama? |
|
Definition
simpler policy enforcement
streamlined management & automation
insights to prevent cyberattacks |
|
|
Term
|
Definition
| application command center |
|
|
Term
| what are the 3 panorama deployment modes |
|
Definition
panorama mode
management mode
log collector mode |
|
|
Term
|
Definition
| open-source intelligence providers |
|
|
Term
|
Definition
| information sharing and analysis centers |
|
|
Term
|
Definition
| computer emergency response teams |
|
|
Term
|
Definition
| representational state transfer |
|
|
Term
|
Definition
| structured threat information expression |
|
|
Term
|
Definition
| extensible markup language |
|
|
Term
| an architectural programming style that typically runs over HTTP; commonly used for mobile apps, social networking websites, and mashup tools |
|
Definition
|
|
Term
| an XML format for conveying data about cybersecurity threats in a standardized format |
|
Definition
|
|
Term
| a programming language specification that defines a set of rules for encoding documents in a human-readable and machine-readable format |
|
Definition
|
|
Term
| an open-source application that streamlines the aggregation, enforcement and sharing of threat intelligence. |
|
Definition
|
|
Term
|
Definition
|
|