What is the key benefit of Palo Alto Networks Single Pass Parallel Processing design?
A. There are no benefits other than slight performance upgrades
B. It allows Palo Alto Networks to add new functions to existing hardware
C. Only one processor is needed to complete all the functions within the box
D. It allows Palo Alto Networks to add new devices to existing hardware
A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds.
How is this goal accomplished?
A. Create a custom spyware signature matching the known signature with the time attribute
B. Add a correlation object that tracks the occurrences and triggers above the desired threshold
C. Submit a request to Palo Alto Networks to change the behavior at the next update
D. Configure the Anti-Spyware profile with the number of rule counts to match the occurrence frequency
In Panorama, which three reports or logs will help identify the inclusion of a host / source in a command-and-control (C2) incident? (Choose three.)
A. WildFire analysis reports
B. data filtering logs
C. botnet reports
D. threat logs
E. SaaS reports
Which three of the following actions must be taken to enable Credential Phishing Prevention? (Choose three.)
A. Enable App-ID.
B. Define a uniform resource locator (URL) Filtering profile.
C. Enable User-ID.
D. Enable User Credential Detection.
E. Define a Secure Sockets Layer (SSL) decryption rule base.
Which two statements correctly describe what a Network Packet Broker does for a Palo Alto Networks NGFW? (Choose two.)
A. It provides a third-party SSL decryption option, which can increase the total number of third-party devices performing analysis and enforcement.
B. It allows SSL decryption to be offloaded to the NGFW and traffic to be decrypted only once.
C. It eliminates the need for a third-party SSL decryption option, which reduces the total number of third-party devices performing decryption.
D. It allows SSL decryption to be offloaded to the NGFW and traffic to be decrypted multiple times.
A customer with a legacy firewall architecture focused on port-and-protocol-level security has heard that NGFWs open all ports by default.
Which of the following statements regarding Palo Alto Networks NGFWs is an appropriate rebuttal that explains an advantage over legacy firewalls?
A. They do not consider port information, instead relying on App-ID signatures that do not reference ports.
B. They protect all applications on all ports while leaving all ports open by default.
C. They can control applications by application-default service ports or a configurable list of approved ports on a per-policy basis.
D. They keep ports closed by default, only opening after understanding the application request, and then opening only the application-specified ports.
Which two configuration elements can be used to prevent abuse of stolen credentials? (Choose two.)
A. multi-factor authentication (MFA)
B. URL Filtering Profiles
C. WildFire analysis
D. dynamic user groups (DUGs)
A Fortune 500 customer has expressed interest in purchasing WildFire; however, they do not want to send discovered malware outside of their network.
Which version of WildFire will meet this customer’s requirements?
A. WildFire Government Cloud
B. WildFire Public Cloud
C. WildFire Private Cloud
D. WildFire Secure Cloud
What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?
A. block the query
B. allow the request and all subsequent responses
C. temporarily disable the DNS Security function
D. discard the request and all subsequent responses
What will best enhance security of a production online system while minimizing the impact for the existing network?
A. active/active high availability (HA)
B. Layer 2 interfaces
C. virtual systems
D. virtual wire
Which two features are found in Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)
A. Policy match is based on application
B. Traffic control is based on IP, port, and protocol
C. Traffic is separated by zones
D. Identification of application is possible on any port
Which three of the following are identified in the Best Practice Assessment tool? (Choose three.)
A. use of device management access and settings
B. use of decryption policies
C. presence of command-and-control (C2) sessions
D. identification of sanctioned and unsanctioned software-as-a-service (SaaS) application
E. measurement of the adoption of URL filters, App-ID, and User-ID
WildFire can discover zero-day malware in which three types of traffic? (Choose three.)
A. TFTP
B. SMTP
C. DNS
D. FTP
E. HTTPS
A large number of next-generation firewalls (NGFWs), along with Panorama and WildFire, have been positioned for a prospective customer. The customer is concerned about storing, retrieving, and archiving firewall logs and has indicated that logs must be retained for a minimum of 60 days. An additional requirement is ingestion of a maximum of 10,000 logs per second.
What will best meet the customer’s logging requirements?
A. NGFWs that have at least 10TB of internal storage
B. Appropriately sized NGFW based on use of the POPSICLE tool
C. Appropriate Data Lake storage determined by using the Data Lake Calculator
D. A pair of fully populated M-300 storage appliances
WildFire machine learning (ML) for portable executable (PE) files is enabled in the antivirus profile and added to the appropriate firewall rules in the profile. In the Palo Alto Networks WildFire test av file, an attempt to download the test file is allowed through.
Which command returns a valid result to verify the ML is working from the command line?
A. show wfml cloud-status
B. show ml cloud-status
C. show mlav cloud-status
D. show wfav cloud-status
Which action will protect against port scans from the internet?
A. Assign an Interface Management profile to the zone of the ingress interface
B. Assign Security profiles to Security policy rules for traffic sourcing from the untrust zone
C. Apply a Zone Protection profile on the zone of the ingress interface
D. Apply App-ID Security policy rules to block traffic sourcing from the untrust zone
What is used to choose the best path on a virtual router that has two or more different routes to the same destination?
A. Metric
B. Source zone
C. Administrative distance
D. Path monitoring
Which PAN-OS feature should be discussed if a prospect wants to apply Security policy actions to traffic by using tags from their virtual environment?
A. Machine learning (ML)
B. Dynamic User Groups
C. URL blocking
D. MineMeld
Which solution informs a customer concerned about zero-day targeted attacks whether an attack is specifically targeted at its property?
A. Panorama Correlation Report
B. AutoFocus
C. Cortex XSOAR Community Edition
D. Cortex XDR Prevent
A prospective customer wants to purchase a next-generation firewall (NGFW) and requires at least 2 million concurrent sessions with a minimum of 10Gbps of throughput with threat detection enabled.
Which tool will help quickly determine the correct size of NGFW for this customer?
A. Data Lake Calculator available on the Palo Alto Networks website
B. NGFW sizing app available for iOS and Android devices
C. Product Comparison tool available on the Palo Alto Networks website
D. Quoting tool available on the Palo Alto Networks website
For customers with high bandwidth requirements for Service Connections, what two limitations exist when onboarding multiple Service Connections to the same Prisma Access location servicing a single Datacenter? (Choose two.)
A. Network segments in the Datacenter need to be advertised to only one Service Connection
B. The customer edge device needs to support policy-based routing with symmetric return functionality
C. The resources in the Datacenter will only be able to reach remote network resources that share the same region
D. A maximum of four service connections per Datacenter are supported with this topology
A customer next-generation firewall (NGFW) proof-of-concept (POC) and final presentation have just been completed.
Which CLI command is used to clear data, remove all logs, and restore default configuration?
A. request private-data-reset system
B. request reset system public-data-reset
C. request system private-data-reset
D. reset system public-data-reset
Which decryption requirement ensures that inspection can be provided to all inbound traffic routed to internal application and database servers?
A. Installation of certificates from the application server and database server on the NGFW and configuration of an SSL Inbound Decryption policy
B. Installation of a trusted root CA certificate on the NGFW and configuration of an SSL Inbound Decryption policy
C. Configuration of an SSL Inbound Decryption policy using one of the built-in certificates included in the certificate store
D. Configuration of an SSL Inbound Decryption policy without installing certificates
Which two interface types can be associated to a virtual router? (Choose two.)