Palo Alto Networks Certified Cybersecurity Associate (PCCSA) — Question 9

Identify a weakness of a perimeter-based network security strategy to protect an organization's endpoint systems.

Answer options

• A. It cannot identify command-and-control traffic.
• B. It cannot monitor all potential network ports.
• C. It assumes that all internal devices are untrusted.
• D. It assumes that every internal endpoint can be trusted.

Correct answer: D

Explanation

The correct answer is D because a perimeter-based security model often leads to the false assumption that all internal endpoints are secure and trustworthy. This can create vulnerabilities, as threats may already exist within the network. Options A, B, and C highlight limitations of perimeter security but do not directly address the assumption about internal endpoint trustworthiness.