Which firewall plane provides configuration, logging, and reporting
functions on a separate processor? Correct Ans - Control plane
A security administrator has configured App-ID updates to be
automatically downloaded and installed. The company is currently using an
application identified by App-ID as SuperApp_base. On a content update
notice, Palo Alto Networks is adding new app signatures labeled
SuperApp_chat and SuperApp_download, which will be deployed in 30
days. Based on the information, how is the SuperApp traffic affected after
the 30 days have passed? Correct Ans - No impact because the
firewall automatically adds the rules to the App-ID interface
How many zones can an interface be assigned with a Palo Alto Networks
firewall? Correct Ans - One
Which two configuration settings shown are not the default? Correct
Ans - Server Log Monitor Frequency (sec)
Enable Session
Which data-plane processor layer provides uniform matching for spyware
and vulnerability exploits on a Palo Alto Networks Firewall? Correct
Ans - Signature Matching
Which option shows the attributes that are selectable when setting up
application filters? Correct Ans - Category, Subcategory,
Technology, Risk, and Characteristic
Actions can be set for which two items in a URL filtering security profile?
Correct Ans - Custom URL Categories
PAN-DB URL Categories
Which two statements are correct about App-ID content updates?
Correct Ans - Existing security policy rules are not affected by
application content updates
After an application content update, new applications are automatically
identified and classified
Which User-ID mapping method should be used for an environment with
clients that do not authenticate to Windows Active Directory? Correct
Ans - Captive Portal
An administrator needs to allow users to use their own office applications.
How should the administrator configure the firewall to allow multiple
applications in a dynamic environment? Correct Ans - Create an
Application Group and add business-systems to it
Which statement is true regarding a Best Practice Assessment? Correct
Ans - It provides a percentage of adoption for each assessment data
Complete the statement. A security profile can block or allow traffic.
Correct Ans - after it is evaluated by a security policy that allows traffic
When creating a Source NAT policy, which entry in the Translated Packet
tab will display the options Dynamic IP and Port, Dynamic, Static IP, and
None? Correct Ans - Translation Type
Which interface does not require a MAC or IP address? Correct Ans -
Virtual Wire
A company moved its old port-based firewall to a new Palo Alto Networks
NGFW 60 days ago. Which utility should the company use to identify out-
of-date or unused rules on the firewall? Correct Ans - Rule Usage
Filter > Hit Count > Unused in 90 days
What are two differences between an implicit dependency and an explicit
dependency in App-ID? Correct Ans - An implicit dependency does
not require the dependent application to be added in the security policy
An explicit dependency requires the dependent application to be added in
the security policy
Recently, changes were made to the firewall to optimize the policies and the
security team wants to see if those changes are helping. What is the
quickest way to reset the hit counter to zero in all the security policy rules?
Correct Ans - Use the Reset Rule Hit Counter > All Rules option
Which two App-ID applications will need to be allowed to use Facebook-
chat? Correct Ans - Facebook-base
Facebook-chat
Which User-ID agent would be appropriate in a network with multiple
WAN links, limited network bandwidth, and limited firewall management
plane resources? Correct Ans - Windows-based agent deployed on
the internal network
Your company requires positive username attribution of every IP address
used by wireless devices to support a new compliance requirement. You
must collect IP-to-user mappings as soon as possible with minimal
downtime and minimal configuration changes to the wireless devices
themselves. The wireless devices are from various manufacturers. Given the
scenario, choose the option for sending IP-to-user mappings to the NGFW.
Correct Ans - syslog
An administrator receives a global notification for a new malware that
infects hosts. The infection will result in the infected host attempting to
contact a command-and-control (C2) server. Which two security profile
components will detect and prevent this threat after the firewall's
signature database has been updated? Correct Ans - anti-spyware
profile applied to outbound security policies
URL filtering profile applied to outbound security policies
In which stage of the Cyber-Attack Lifecycle would the attacker inject a PDF
file within an email? Correct Ans - Weaponization
Identify the correct order to configure the PAN-OS integrated User-ID
agent.
3. add the service account to monitor the server(s)
2. define the address of the servers to be monitored on the firewall
4. commit the configuration, and verify agent connection status
1. create a service account on the Domain Controller with sufficient
permissions to execute the User-ID agent Correct Ans - 1-3-2-4
Users from the internal zone need to be allowed to Telnet into a server in
the DMZ zone. Complete the security policy to ensure only Telnet is
allowed. Security Policy: Source Zone: Internal to DMZ Zone