لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Four configuration choices are listed, and each could be used to block access to a specific URL. If you configured each choices to block the sameURL then which choice would be the last to block access to the URL?
A. Mastered
B. Not Mastered
عرض الإجابة
اجابة صحيحة: B
السؤال #2
At which point in the app-ID update process can you determine if an existing policy rule is affected by an app-ID update?
A. after clicking Check New in the Dynamic Update window
B. after connecting the firewall configuration
C. after downloading the update
D. after installing the update
عرض الإجابة
اجابة صحيحة: A
السؤال #3
Assume a custom URL Category Object of `NO-FILES` has been created to identify a specific website.How can file uploading/downloading be restricted for the website while permitting general browsing access to that website?
A. Create a Security policy with a URL Filtering profile that references the site access setting of block to NO-FILES
B. Create a Security policy that references NO-FILES as a URL Category qualifier with an appropriate File Blocking profile
C. Create a Security policy with a URL Filtering profile that references the site access setting of continue to NO-FILES
D. Create a Security policy that references NO-FILES as a URL Category qualifier with an appropriate Data Filtering profile
عرض الإجابة
اجابة صحيحة: B
السؤال #4
Which action results in the firewall blocking network traffic with out notifying the sender?
A. Drop
B. Deny
C. Reset Server
D. Reset Client
عرض الإجابة
اجابة صحيحة: D
السؤال #5
Which statement is true regarding NAT rules?
A. Static NAT rules have precedence over other forms of NAT
B. Translation of the IP address and port occurs before security processing
C. NAT rules are processed in order from top to bottom
D. Firewall supports NAT on Layer 3 interfaces only
عرض الإجابة
اجابة صحيحة: A
السؤال #6
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?
A. Mastered
B. Not Mastered
عرض الإجابة
اجابة صحيحة: C
السؤال #7
What do application filters help provide access to?
A. Applications that are explicitly sanctioned for use within a company
B. Applications that are not explicitly sanctioned and that a company wants users to be able to access
C. Applications that are explicitly unsanctioned for use within a company
D. Applications that are not explicitly unsanctioned and that a company wants users to be able to access
عرض الإجابة
اجابة صحيحة: B
السؤال #8
You receive notification about new malware that is being used to attack hosts. The malware exploits a software bug in common application.Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?
A. Data Filtering Profile applied to outbound Security policy rules
B. Antivirus Profile applied to outbound Security policy rules
C. Data Filtering Profile applied to inbound Security policy rules
D. Vulnerability Protection Profile applied to inbound Security policy rules
عرض الإجابة
اجابة صحيحة: B
السؤال #9
How are Application Fillers or Application Groups used in firewall policy?
A. An Application Filter is a static way of grouping applications and can be configured as a nested member of an Application Group
B. An Application Filter is a dynamic way to group applications and can be configured as a nested member of an Application Group
C. An Application Group is a dynamic way of grouping applications and can be configured as a nested member of an Application Group
D. An Application Group is a static way of grouping applications and cannot be configured as a nested member of Application Group
عرض الإجابة
اجابة صحيحة: D
السؤال #10
An address object of type IP Wildcard Mask can be referenced in which part of the configuration?
A. Security policy rule
B. ACC global filter
C. external dynamic list
D. NAT address pool
عرض الإجابة
اجابة صحيحة: A
السؤال #11
Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?
A. Windows session monitoring via a domain controller
B. passive server monitoring using the Windows-based agent
C. Captive Portal
D. passive server monitoring using a PAN-OS integrated User-ID agent
عرض الإجابة
اجابة صحيحة: AD
السؤال #12
All users from the internal zone must be allowed only Telnet access to a server in the DMZ zone. Complete the two empty fields in the Security Policy rules that permits only this type of access. Choose two.
A. Service = "any"
B. Application = "Telnet"
C. Service - "application-default"
D. Application = "any"
عرض الإجابة
اجابة صحيحة: B
السؤال #13
Which setting is available to edit when a tag is created on the local firewall?
A. Color
B. Location
C. Order
D. Priority
عرض الإجابة
اجابة صحيحة: D
السؤال #14
What can be achieved by selecting a policy target prior to pushing policy rules from Panorama? *
A. You can specify the location as pre- or post-rules to push policy rules
B. You can specify the firewalls in a device group to which to push policy rules
C. Doing so provides audit information prior to making changes for selected policy rules
D. Doing so limits the templates that receive the policy rules
عرض الإجابة
اجابة صحيحة: A
السؤال #15
What can be achieved by selecting a policy target prior to pushing policy rules from Panorama?
A. Doing so limits the templates that receive the policy rules
B. Doing so provides audit information prior to making changes for selected policy rules
C. You can specify the firewalls m a device group to which to push policy rules
D. You specify the location as pre can - or post-rules to push policy rules
عرض الإجابة
اجابة صحيحة: C
السؤال #16
You receive notification about a new malware that infects hosts An infection results in the infected host attempting to contact a command-and-control server Which Security Profile when applied to outbound Security policy rules detects and prevents this threat from establishing a command-and-control connection?
A. Antivirus Profile
B. Data Filtering Profile
C. Vulnerability Protection Profile
D. Anti-Spyware Profile
عرض الإجابة
اجابة صحيحة: C
السؤال #17
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)
A. SAML
B. TACACS+
C. LDAP
D. Kerberos
عرض الإجابة
اجابة صحيحة: AC
السؤال #18
Which two features can be used to tag a username so that it is included in a dynamic user group? (Choose two.)
A. GlobalProtect agent
B. XML API
C. User-ID Windows-based agent
D. log forwarding auto-tagging
عرض الإجابة
اجابة صحيحة: BC
السؤال #19
What do you configure if you want to set up a group of objects based on their ports alone?
A. Application groups
B. Service groups
C. Address groups
D. Custom objects
عرض الإجابة
اجابة صحيحة: A
السؤال #20
An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command- and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall’s signature database has been updated? (Choose two.)
A. vulnerability protection profile applied to outbound security policies
B. anti-spyware profile applied to outbound security policies
C. antivirus profile applied to outbound security policies
D. URL filtering profile applied to outbound security policies
عرض الإجابة
اجابة صحيحة: BC
السؤال #21
Which type security policy rule would match traffic flowing between the inside zone and outside zone within the inside zone and within the outside zone?
A. global
B. universal
C. intrazone
D. interzone
عرض الإجابة
اجابة صحيحة: B
السؤال #22
Which two rule types allow the administrator to modify the destination zone? (Choose two )
A. interzone
B. intrazone
C. universal
D. shadowed
عرض الإجابة
اجابة صحيحة: A
السؤال #23
Which Security policy action will message a user's browser that their web session has been terminated?
A. Reset client
B. Deny
C. Drop
D. Reset server
عرض الإجابة
اجابة صحيحة: D
السؤال #24
Which Palo Alto networks security operating platform service protects cloud-based application such as Dropbox and salesforce by monitoring permissions and shared and scanning files for Sensitive information?
A. Prisma SaaS
B. AutoFocus
C. Panorama
D. GlobalProtect
عرض الإجابة
اجابة صحيحة: C
السؤال #25
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control (RBAC)? (Choose two.)
A. SAML
B. TACACS+
C. LDAP
D. Kerberos
عرض الإجابة
اجابة صحيحة: AB
السؤال #26
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
A. create the service object in the specific template
B. uncheck the shared option
C. ensure that disable override is selected
D. ensure that disable override is cleared
عرض الإجابة
اجابة صحيحة: ABC
السؤال #27
Recently changes were made to the firewall to optimize the policies and the security team wants to see if those changes are helping. What is the quickest way to reset the hit counter to zero in all the security policy rules?
A. At the CLI enter the command reset rules and press Enter
B. Highlight a rule and use the Reset Rule Hit Counter > Selected Rules for each rule
C. Reboot the firewall
D. Use the Reset Rule Hit Counter > All Rules option
عرض الإجابة
اجابة صحيحة: D
السؤال #28
What are two valid selections within an Antivirus profile? (Choose two.)
A. deny
B. drop
C. default
D. block-ip
عرض الإجابة
اجابة صحيحة: B
السؤال #29
What is the default action for the SYN Flood option within the DoS Protection profile?
A. Reset-client
B. Alert
C. Sinkhole
D. Random Early Drop
عرض الإجابة
اجابة صحيحة: D
السؤال #30
Which dynamic update type includes updated anti-spyware signatures?
A. Applications and Threats
B. GlobalProtect Data File
C. Antivirus
D. PAN-DB
عرض الإجابة
اجابة صحيحة: D
السؤال #31
Which two App-ID applications will need to be allowed to use Facebook-chat? (Choose two.)
A. facebook
B. facebook-chat
C. facebook-base
D. facebook-email
عرض الإجابة
اجابة صحيحة: BC
السؤال #32
Given the image, which two options are true about the Security policy rules. (Choose two.)
A. The Allow Office Programs rule is using an Application Filter
B. In the Allow FTP to web server rule, FTP is allowed using App-ID
C. The Allow Office Programs rule is using an Application Group
D. In the Allow Social Networking rule, allows all of Facebook's functions
عرض الإجابة
اجابة صحيحة: BC
السؤال #33
What are three factors that can be used in domain generation algorithms? (Choose three.)
A. cryptographic keys
B. time of day
C. other unique values
D. URL custom categories
E. IP address
عرض الإجابة
اجابة صحيحة: AB
السؤال #34
What is the minimum frequency for which you can configure the firewall to check for new WildFire antivirus signatures?
A. every 30 minutes
B. every 5 minutes
C. every 24 hours
D. every 1 minute
عرض الإجابة
اجابة صحيحة: D
السؤال #35
Which statement best describes the use of Policy Optimizer?
A. Policy Optimizer can display which Security policies have not been used in the last 90 days
B. Policy Optimizer on a VM-50 firewall can display which Layer 7 App-ID Security policies have unused applications
C. Policy Optimizer can add or change a Log Forwarding profile for each Secunty policy selected
D. Policy Optimizer can be used on a schedule to automatically create a disabled Layer 7 App-ID Security policy for every Layer 4 policy that exists Admins can then manually enable policies they want to keep and delete ones they want to remove
عرض الإجابة
اجابة صحيحة: D

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.