Exam (elaborations)
Palo Alto EDU-210 and EDU-220 Questions & Answers
- Course
- Institution
Palo Alto EDU-210 and EDU-220 Questions & Answers
[Show more]
Content preview
Palo Alto EDU-210 and EDU-220 Questions & AnswersWhich option describes the result of clicking an application's name in the
Dashboard's Top Applications widget?
A. The web interface displays a popup window with application usage
details.
B. The color of the application changes to indicate its risk factor.
C. The ACC tab opens with the application added as a global filter.
D. Nothing happens because the application name is not a web link.
Correct Ans - C
Which two elements of a credential-based attack are examples of credential
theft? (Choose two.)
A. malware
B. keystroke logging
C. infiltration at the perimeter
D. brute force Correct Ans - BD
A Security policy rule displayed in italic font indicates which condition?
A. The rule is active.
B. The rule has been overridden.
C. The rule is a clone.
D. The rule is disabled. Correct Ans - D
Which two statements are true regarding network segmentation? (Choose
two.)
A. reduces the attack surface
B. depends on network VLAN capability
C. implementation requires at least two firewalls
D. often aligns with firewall security zone configuration Correct Ans -
AD
Which Security Profile type would you configure to block access to known-
malicious domains?
A. URL Filtering
B. Vulnerability Protection
C. Anti-Spyware
D. Data Filtering Correct Ans - C
,Which two statements are true about sessions on the firewall? (Choose
two.)
A. The firewall tries to match network packets to an existing session ID.
B. The only session information tracked in the session logs are the five
tuples.
C. Sessions always are matched to a Security policy rule.
D. Return traffic is allowed. Correct Ans - AD
Which firewall profile protects against port scan reconnaissance activities?
A. Zone Protection Profile
B. URL Filtering Profile
C. DoS Protection Profile
D. Data Filtering Profile Correct Ans - A
Which two conditions must be met before the firewall can use a Security
Profile to inspect network traffic for malicious activity? (Choose two.)
A. Traffic must be decrypted (clear text).
B. Zone protection must be enabled.
C. User-ID must be enabled.
D. Traffic must match a Security policy rule. Correct Ans - AD
Which three objects can be sent to WildFire for analysis? (Choose three.)
A. URL links found in email
B. known files and URL links
C. MGT interface traffic
D. email attachments
E. files traversing the firewall Correct Ans - ADE
An Interface Management Profile can be attached to which two interface
types? (Choose two.)
A. Layer 2
B. Loopback
C. Tap
D. Layer 3
E. Virtual Wire Correct Ans - BD
Which two statements are true regarding how the firewall uses its master
key? (Choose two.)
A. It is used to encrypt file transfers from WildFire.
, B. It is used to encrypt file transfers to WildFire.
C. It is used to encrypt local firewall account passwords.
D. It is used to encrypt private keys. Correct Ans - CD
Which statement is true about a URL Filtering Profile's continue password?
A. There is a single, per-firewall password.
B. There is a password per session.
C. There is a password per firewall administrator account.
D. There is a password per website. Correct Ans - A
During which cyber-attack lifecycle stage is the attacker working outside
the target environment to prepare the attack method and malware?
A. reconnaissance
B. weaponization
C. exploitation
D. delivery Correct Ans - B
Which two statements are true regarding SSL key pinning? (Choose two.)
A. It can prevent secure SSL Forward Proxy connections.
B. It can prevent secure SSL Inbound Inspection connections.
C. It can prevent secure SSH Proxy connections.
D. It can prevent the use of counterfeit certificates. Correct Ans -
AD
Which interface type does NOT require any configuration changes to
adjacent network devices?
A. Layer 3
B. Layer 2
C. Tap
D. Virtual Wire Correct Ans - D
Which two items are used by the firewall's Content-ID Engine to analyze
network traffic for threats? (Choose two.)
A. protocol decoders
B. custom application signatures
C. Security Profiles
D. standard application signatures Correct Ans - AC
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Studyhall. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
75391 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now