Topic 1 : Main Questions pool
Which feature prevents the submission of corporate login information into website forms?
A.
Data filtering
B.
User-ID
C.
File blocking
D.
Credential phishing prevention
Credential phishing prevention
https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance
A client has a sensitive application server in their data center and is particularlyconcerned about session
flooding because of denial of-service attacks.How can the Palo Alto Networks NGFW be configured to specifically protect this server against session floods originating from a single IP address?
A.
Define a custom App-ID to ensure that only legitimate application traffic reaches the server
B.
Add QoS Profiles to throttle incoming requests
C.
Add a tuned DoS Protection Profile
D.
Add an Anti-Spyware Profile to block attacking IP address
Add a tuned DoS Protection Profile
A company needs to preconfigure firewalls to be sent to remote sites with the least amount of reconfiguration.
Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include
the future regional data centers.
Which VPN configuration would adapt to changes when deployed to the future site?
A.
Preconfigured GlobalProtect satellite
B.
Preconfigured GlobalProtectclient
C.
Preconfigured IPsec tunnels
D.
Preconfigured PPTP Tunnels
Preconfigured GlobalProtect satellite
Decrypted packets from the website https://www.microsoft.com will appear as which application and service within the Traffic log?
A.
web-browsing and 443
B.
SSL and 80
C.
SSL and 443
D.
web-browsing and 80
web-browsing and 443
Which DoS protection mechanism detects and prevents session exhaustion attacks?
A.
Packet Based Attack Protection
B.
Flood Protection
C.
Resource Protection
D.
TCP Port Scan Protection
Resource Protection
Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/dos-protection-profiles
How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?
A.
Configure the option for “Threshold”.
B.
Disable automatic updates during weekdays.
C.
Automatically “download only” and then install Applications and Threats later, after the administrator
approves the update.
D.
Automatically “download and install” but with the “disable new applications” option used.
Configure the option for “Threshold”.
An administrator has been asked to configure a Palo Alto Networks NGFW to provide protection against
external hosts attempting to exploit a flaw in an operating system on an internal system.
Which Security Profile type will prevent this attack?
A.
Vulnerability Protection
B.
Anti-Spyware
C.
URL Filtering
D.
Antivirus
Vulnerability Protection
Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/objects/objects-security-profilesvulnerability-
protection
To connect the Palo Alto Networks firewall toAutoFocus, which setting must be enabled?
A.
Device>Setup>Services>AutoFocus
B.
Device> Setup>Management >AutoFocus
C.
AutoFocus is enabled by default on the Palo Alto Networks NGFW
D.
Device>Setup>WildFire>AutoFocus
E.
Device>Setup> Management> Logging and Reporting Settings
Device> Setup>Management >AutoFocus
Reference:https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat
An administratorpushes a new configuration from Panorama to a pair of firewalls that are configured as an
active/passive HA pair. Which NGFW receives the configuration from Panorama?
A.
The Passive firewall, which then synchronizes to the active firewall
B.
The active firewall, which then synchronizes to the passive firewall
C.
Both the active and passive firewalls, which then synchronize with each other
D.
Both the active and passive firewalls independently, with no synchronization afterward
Both the active and passive firewalls, which then synchronize with each other
Which GlobalProtect Client connect method requires the distribution and use of machine certificates?
A.
User-logon (Always on)
B.
At-boot
C.
On-demand
D.
Pre-logon
Pre-logon
Page 4 out of 28 Pages |
Previous |