- All Exams Instant Download
Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?
A customer is designing a private data center to host their new web application along with a separate headquarters for users. Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?A . Threat Prevention B. DNS Security C. WildFire D. Advanced URL Filtering (AURLF)View AnswerAnswer: A
WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through.
WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through. Which command returns a valid result...
What is the flow of the packet after the firewall determines that it is matched with an existing session?
A packet that is already associated with a current session arrives at the firewall. What is the flow of the packet after the firewall determines that it is matched with an existing session?A . it is sent through the fast path because session establishment is not required. If subject to...
Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?
Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?A . Security policy rule B. Tag C. Login ID D. IP addressView AnswerAnswer: B
What is the default behavior in PAN-OS when a 12 MB portable executable (PE) fe is forwarded to the WildFire cloud service?
What is the default behavior in PAN-OS when a 12 MB portable executable (PE) fe is forwarded to the WildFire cloud service?A . PE File is not forwarded. B. Flash file is not forwarded. C. PE File is forwarded D. Flash file is forwardedView AnswerAnswer: C
Which two features are key in preventing unknown targeted attacks? (Choose two)
Which two features are key in preventing unknown targeted attacks? (Choose two)A . nighty botnet report B. App-ID with the Zero Trust model C. WildFire Cloud threat analysis D. Single Pass Parallel Processing (SP3)View AnswerAnswer: B,C
Which Security profile on the Next-Generation Firewall (NGFW) includes Signatures to protect against brute force attacks?
Which Security profile on the Next-Generation Firewall (NGFW) includes Signatures to protect against brute force attacks?A . Vulnerability Protection profile B. Antivirus profile C. URL Filtering profile D. Anti-Spyware profileView AnswerAnswer: A
Which statement applies to Palo Alto Networks Single Pass Parallel Processing (SP3)?
Which statement applies to Palo Alto Networks Single Pass Parallel Processing (SP3)?A . It processes each feature in a separate single pass with additional performance impact for each enabled feature. B. Its processing applies only to security features and does not include any networking features. C. It processes all traffic...
Which two features can be enabled to support asymmetric routing with redundancy on a Palo Alto networks next-generation firewall (NGFW)? (Choose two.)
Which two features can be enabled to support asymmetric routing with redundancy on a Palo Alto networks next-generation firewall (NGFW)? (Choose two.)A . Active / active high availability (HA) B. Multiple virtual systems C. non-SYN first packet D. Asymmetric routing profileView AnswerAnswer: A,C
Which built-in feature of PAN-OS allows the NGFW administrator to create a policy that provides auto remediation for anomalous user behavior and malicious activity while maintaining user visibility?
Which built-in feature of PAN-OS allows the NGFW administrator to create a policy that provides auto remediation for anomalous user behavior and malicious activity while maintaining user visibility?A . Dynamic user groups (DUGS) B. tagging groups C. remote device User-ID groups D. dynamic address groups (DAGs)View AnswerAnswer: A
