100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Palo Alto Practice Test Questions with Revised Answers $13.39   Add to cart

Exam (elaborations)

Palo Alto Practice Test Questions with Revised Answers

 9 views  0 purchase
  • Course
  • Palo Alto
  • Institution
  • Palo Alto

Palo Alto Practice Test Questions with Revised Answers Which action in a Security policy rule results in traffic being silently rejected? Select one: a. Deny b. Drop c. Reset Server d. Reset Client - Answer-Reset Server Which NGFW security policy rule applies to all matching traffic within...

[Show more]

Preview 3 out of 20  pages

  • August 14, 2024
  • 20
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • palo alto
  • Palo Alto
  • Palo Alto
avatar-seller
Scholarsstudyguide
Palo Alto Practice Test Questions
with Revised Answers
Which action in a Security policy rule results in traffic being silently rejected?
Select one:
a. Deny
b. Drop
c. Reset Server
d. Reset Client - Answer-Reset Server

Which NGFW security policy rule applies to all matching traffic within the specified
source zones?
Select one:
a. Default
b. Interzone
c. Intrazone
d. Universal - Answer-Intrazone

Which type of Security policy rule is the default rule type?
Select one:
a. Interzone
b. Intrazone
c. Universal
d. Default - Answer-Interzone

In the Palo Alto Networks Application Command Center (ACC), which filter allows you to
limit the display to the details you care about right now and to exclude the unrelated
information from the current display?
Select one:
a. Global
b. Universal
c. Group
d. Local - Answer-Global

Select the answer that best completes this sentence. Source NAT commonly is used for
_________ users to access the ________ internet. - Answer-private, public

Select the answer that completes this sentence. DIPP source NAT will support a
maximum of about ______________ concurrent sessions on each IP address
configured within the NAT pool.
Select one:
a. 64,000
b. 250

,c. 16,300
d. 8100 - Answer-64,000

Which one of the following statements is true about NAT rules?
Select one:
a. The destination zone in the security rule is determined before the route lookup of the
post-NAT destination IP address.
b. NAT rules are applied after security policy rules.
c. The addresses used in source NAT rules always refer to the original IP address in the
packet (that is, the pre-translated address).
d. NAT rules provide address translation, while security policy rules allow or deny
packets. - Answer-NAT rules provide address translation, while security policy rules
allow or deny packets.

What feature on the Next Generation firewall can be used to identify, in real time, the
applications taking up the most bandwidth?
Select one:
a. Quality of Service Log
b. Quality of Service Statistics
c. Application Command Center (ACC)
d. Applications Report - Answer-Application Command Center (ACC)

What are the three pre-defined tabs in the Next Generation firewall Application
Command Center (ACC)?
Choose the 3 correct choices.
If you choose an incorrect choice your question score will be deducted.

Select one or more:
a. Network Traffic
b. Blocked Activity
c. Application Traffic
d. Threat Activity - Answer-Network Traffic
Threat Activity
Blocked Activity

When using config audit to compare configuration files on a Next Generation firewall,
what does the yellow indication reveal?
Select one:
a. Change
b. Addition
c. None
d. Deletion - Answer-Change

In the Palo Alto Networks Firewall WebUI, which type of report can be compiled into a
single emailed PDF?
Select one:

, a. Predefined
b. PDF Summary
c. Group
d. Botnet - Answer-Group

On the Palo Alto Networks Next Generation Firewall, which is the default port for
transporting Syslog traffic?
Select one:
a. 6514
b. 443
c. 8080
d. 514 - Answer-514

When creating an application filter, which of the following is true? - Answer-They are
called dynamic because they will automatically include new applications from an
application signature update if the new application's type is included in the filter

Select True or False. On the Next Generation firewall, application groups are always
automatically updated when new applications are added to the App-ID database. -
Answer-False


A strength of the Palo Alto Networks firewall is:

a. hardware consolidation - data and control plane processing is improved and
performed in successive linear fasion
b. increased buffering capability.
c. its single-pass parallel processing (SP3) engine and software performs operations
once per packet - Answer-its single-pass parallel processing (SP3) engine and software
performs operations once per packet

Select True or false. The CN-Series firewalls deliver the same capabilities as the PA-
Series and VM-Series firewalls - Answer-true

Select True or False. Traffic protection from external locations where the egress point is
the perimeter is commonly referred to as "North-South" traffic. - Answer-True

The first important task of building a Zero Trust Architecture is to identify
__________________.
a. the protect surface
b. traffic
c. interdependencies
d. microperimete - Answer-the protect surface

What is the method used to create a Zero Trust policy that answers the 'who, what,
when, where, why and how' definition?
a. Logging

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.39. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81298 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.39
  • (0)
  Add to cart