Which three steps in the cyberattack lifecycle does Palo Alto Networks Security Operating Platform prevent? (Choose three.)
Palo Alto Networks Security Operating Platform is a comprehensive security solution designed to prevent multiple stages of the cyberattack lifecycle. It primarily targets three stages: delivering the malware, lateral movement, and exfiltrating data. Malware delivery is intercepted using advanced threat prevention mechanisms such as anti-malware and sandboxing technologies. Lateral movement within the network is hindered through network segmentation and monitoring, which stops attackers from accessing additional systems. Data exfiltration is prevented by employing data loss prevention (DLP) technologies to detect and block unauthorized data transfers. These capabilities make B, C, and E the correct choices.
BCE are OK
Disagree with scanossa. A cyber attack can be prevented by breaking any one of the five cyber attack lifecycle stages. Recon and weaponize occur outside of your network. So the answer is BCE.
ABD, the question says "prevent". C & E occur after the threat has control.
D is not correct because generally the weaponization of the malware is not at the hacker level, so we can't prevent it, and A is also wrong because we can't prevent passive recon, so BCE are true.
The Palo Alto Networks Security Operating Platform is designed to prevent various stages of the cyberattack lifecycle. Specifically, it effectively prevents the following four stages:
- Breach the Perimeter: By using advanced threat prevention mechanisms, the platform can stop initial attempts to penetrate the network perimeter.
- Lateral Movement: Once inside the network, attackers often try to move laterally to access more systems. The platform uses network segmentation and advanced monitoring to detect and prevent such movements.
- Exfiltrate Data: Data exfiltration is the process of unauthorized data transfer out of the network. The platform employs data loss prevention (DLP) technologies to detect and block such attempts.
- Deliver the Malware: The platform can prevent malware delivery through its threat prevention capabilities, including anti-malware, anti-spyware, and sandboxing technologies.
These steps cover critical phases where the platform can intervene to stop attacks before they cause significant damage.
BCE are correct
NOT Weaponization "You cannot defend against this stage of attack because all activity occurs outside of the org's network" https://www.youtube.com/watch?v=GTkHQ-HQbjQ @ 1:42
Agree with scanossa, ABD is correct https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle
ACD: https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle
I think BCD is better. Recon, especially passive recon, cannot be prevented by network security. Lateral movement is also difficult to stop with a firewall, since not all traffic will go through the firewall (for example, traffic from the same network segment). Vulnerability protection is literally the function of IPS.