لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
Which profile or policy should be applied to protect against port scans from the internet?
A. MB
B. epends on the Cortex Data Lake tier purchased
C. 8 bytes
D. 500 bytes
عرض الإجابة
اجابة صحيحة: B
السؤال #2
Which option describes Arista's micro-segmentation?
A. rista and VMware are extending secure segmentation with an open API (RESTZJSON)-based exchange, which allows NSX to federate with CloudVision to extend the micro-segmentation policy for physical workloads
B. rista and Kubernetes are extending secure segmentation with an open API (RESTVJSON)-based exchange, which allows Kubernetes to federate with CloudVision to extend the micro-segmentation policy for physical workloads
C. rista's micro-segmentation and macro-segmentation are identical concepts that can be used interchangeably
D. rista and VMware both perform identical functions for NGFW micro-segmentation
عرض الإجابة
اجابة صحيحة: B
السؤال #3
A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types.The customer uses a firewall with User-ID enabledWhich feature must also be enabled to prevent these attacks?
A. ll hardware-based and VM-Series firewalls with the exception of VMware NSX
B. n hardware only
C. nly one the PA-5000 Series and higher
D. ll hardware-based and VM-Series firewalls regardless of where installed
عرض الإجابة
اجابة صحيحة: B
السؤال #4
A service provider has acquired a pair of PA-7080s for its data center to secure its customer base's traffic. The server provider's traffic is largely generated by smart phones and averages 6.000,000 concurrent sessions.Which Network Processing Card should be recommended in the Bill of Materials?
A. A-7000-20GQ-NPC
B. A-7000-40G-NPC
C. A-7000-20GQXM-NPC
D. A-7000-20G-NPC
عرض الإجابة
اجابة صحيحة: C
السؤال #5
Which three deployment modes of VM-Series firewalls are supported across NSX-T? (Choose three )
A. otify device groups within VMware Services Manager
B. User-ID agent on a Windows domain server
C. Mware Information Sources
D. one, sharing happens by default
عرض الإجابة
اجابة صحيحة: ADE
السؤال #6
An endpoint, inside an organization, is infected with known malware that attempts to make a command-and-control connection to a C2 server via the destination IP addressWhich mechanism prevents this connection from succeeding?
A. NS Sinkholing
B. NS Proxy
C. nti-Spyware Signatures
D. ildfire Analysis
عرض الإجابة
اجابة صحيحة: A
السؤال #7
What are three requirements to automate service deployment of a VM-Series firewall from an NSX Manager? (Choose three.)
A. o into vCenter/NSX and push the objects to Panorama
B. elete and re-add the security group
C. o into Panorama and synchronize the Address objects with NSX
D. heck the NSX Security policy to ensure the security group has been used in a policy
عرض الإجابة
اجابة صحيحة: ACD
السؤال #8
In which two ways can PAN-OS software consume MineMeld outputs? (Choose two.)
A. ildFire hybrid deployment
B. minute WildFire updates to threat signatures
C. ccess to the WildFire API
D. E file upload to WildFire
عرض الإجابة
اجابة صحيحة: AD
السؤال #9
Which three new script types can be analyzed in WildFire? (Choose three.)
A. M-200
B. M-100
C. M-50
D. M-300
عرض الإجابة
اجابة صحيحة: ABE
السؤال #10
Which VM series model is NOT supported on VMware NSX platform?
A. M-500
B. M-1000-HV
C. M-700
D. M-300
عرض الإجابة
اجابة صحيحة: C
السؤال #11
Which are two use cases for HSCI ports on the SMC module on PA-7000 Series? (Choose two )
A. reate security groups only
B. reate security groups and mark them as exchangeable
C. reate security groups with tags marked as shareable
D. reate security groups and use them in an NSX-to-Palo Alto Networks redirection policy
عرض الإجابة
اجابة صحيحة: CD
السؤال #12
How frequently do WildFire signatures move into the antivirus database?
A. very 24 hours
B. very 12 hours
C. nce a week
D. very 1 hour
عرض الإجابة
اجابة صحيحة: A
السؤال #13
Decryption port mirroring is now supported on which platform?
A. 500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-LGS-1TB-1YR
B. 500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-SVC-BAS-PRA-25
C. 500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YRr 1x PAN-LGS-1TB-1YR, 1x PAN-PRA-25, 1x PAN-SVC-BAS-PRA-25
D. x PAN-GPCS-USER-C-BAS-1YR, 1x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-LGS-1TB-1YR
عرض الإجابة
اجابة صحيحة: D
السؤال #14
What is the basis for purchasing Cortex XDR licensing?
A. olume of logs being processed based on Datalake purchased
B. umber of nodes and endpoints providing logs
C. nlimited licenses
D. umber of NGFWs
عرض الإجابة
اجابة صحيحة: B
السؤال #15
Which configuration is required to share NSX security groups as tags to be used by Dynamic Address Groups in a non-NSX firewall?
A. ahoo Maps
B. icrosoft Office 365
C. icrosoft Azure
D. oogle Docs
عرض الإجابة
اجابة صحيحة: B
السؤال #16
As you prepare to scan your Amazon S3 account, what enables Prisma service permission to access Amazon S3?
A. ccess key ID
B. ecret access key
C. dministrative Password
D. WS account ID
عرض الإجابة
اجابة صحيحة: A
السؤال #17
A customer in a non-NSX VMware environment wants to add a VM-Series firewall and to partition an existing group of VMs in the same subnet into two groups. One group needs no additional security, but the second group requires substantially more security. How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?
A. reate a new virtual switch and use the VM-Series firewall to separate virtual switches using Virtual Wire mode Then move the guests that require more security into the new virtual switch
B. dit the IP address of all of the affected VMs
C. end the VLAN out of the virtual environment into a hardware Palo Alto Networks firewall in Layer 3 mode
D. reate a Layer 3 interface in the same subnet as the VMs and configure proxy ARP
عرض الإجابة
اجابة صحيحة: D
السؤال #18
When the Cortex Data Lake is sized for Prisma Access mobile users, what is a valid log size range you would use per day. per user?
A. alo Alto Networks keep ports closed by default, only opening ports after understanding the application request, and then opening only the application-specified ports
B. alo Alto Networks does not consider port information, instead relying on App-ID signatures that do not reference ports
C. efault policies block all interzone traffic
D. alo Alto Networks NGFW protects all applications on all ports while leaving all ports opened by default
عرض الإجابة
اجابة صحيحة: D
السؤال #19
What are the benefits of NSX-V?
A. upports the Data Plane Development Kit (DPDK) libraries; enables Stackdnver Monitoring on the VMware Series Firewall; works with Cloud Launcher
B. irt-manager wizard to help with the installation process; virsh command to deploy the VM-Series; virt-install command to install
C. turdier centralized management; automated deployment ease in administering tenants and dedicated compute infrastructure; tighter integration between virtual environment and security enforcement of dynamic security
D. everages Prism Central
عرض الإجابة
اجابة صحيحة: A
السؤال #20
Which license is required to receive weekly dynamic updates to the correlation objects on the firewall and Panorama?
A. ildFire on the firewall, and AutoFocus on Panorama
B. hreat Prevention on the firewall, and Support on Panorama
C. lobalProtect on the firewall, and Threat Prevention on Panorama
D. RL Filtering on the firewall, and MineMeld on Panorama
عرض الإجابة
اجابة صحيحة: B
السؤال #21
Which option is required to Activate/Retrieve a Device Management License on the M-100 Appliance after the Auth Codes have been activated on the Palo Alto Networks Support Site?
A. enerate a Stats Dump File and upload it to the Palo Alto Networks support portal
B. elect Panorama > Licenses and click Activate feature using authorization code
C. enerate a Tech Support File and call PANTAC
D. elect Device > Licenses and click Activate feature using authorization code
عرض الإجابة
اجابة صحيحة: B
السؤال #22
How is traffic directed to a Palo Alto Networks firewall integrated with Cisco ACI?
A. y creating an access policy
B. hrough a policy-based redirect (PBR)
C. ontracts between EPGs that send traffic to the firewall using a shared policy
D. hrough a virtual machine monitor (VMM) domain
عرض الإجابة
اجابة صحيحة: C
السؤال #23
Which selection must be configured on PAN-OS External Dynamic Lists to support MineMeld indicators?
A. rototype
B. nputs
C. lass
D. eed Base URL
عرض الإجابة
اجابة صحيحة: D
السؤال #24
Which three new script types can be analyzed in WildFire? (Choose three.)
A. M-200
B. M-100
C. M-50
D. M-300
عرض الإجابة
اجابة صحيحة: ABE
السؤال #25
Which two new file types are supported on the WF-500 in PAN-OS 9? (Choose two)
A. raps TMS
B. utoFocus
C. anorama Correlation Report
D. irewall Botnet Report
عرض الإجابة
اجابة صحيحة: BD
السؤال #26
Which interface mode do you use to generate the statdump file that can be converted into an SLR? Assume that the SE wants to make the evaluation as unintrusive as possible.
A. irtual Wire
B. ayer 2
C. AP
D. ayer 3
عرض الإجابة
اجابة صحيحة: C
السؤال #27
Which two components must be configured within User-ID on a new firewall that has been implemented? (Choose two.)
A. reate a footnote within the SLR generation tool
B. dit the Key-Findings text to list the other types of categories that may be of interest
C. emove unwanted categories listed under 'High Risk' and use relevant information
D. roduce the report and edit the PDF manually
عرض الإجابة
اجابة صحيحة: AC
السؤال #28
When log sizing is factored for the Cortex Data Lake on the NGFW, what is the average log size used in calculation?
A. vulnerability profile to security policy rules that deny general web access
B. n antivirus profile to security policy rules that deny general web access
C. zone protection profile to the untrust zone
D. file blocking profile to security policy rules that allow general web access
عرض الإجابة
اجابة صحيحة: D
السؤال #29
Which license is required to receive weekly dynamic updates to the correlation objects on the firewall and Panorama?
A. ildFire on the firewall, and AutoFocus on Panorama
B. hreat Prevention on the firewall, and Support on Panorama
C. lobalProtect on the firewall, and Threat Prevention on Panorama
D. RL Filtering on the firewall, and MineMeld on Panorama
عرض الإجابة
اجابة صحيحة: B
السؤال #30
A company has deployed the following:-VM-300 firewalls in AWS-endpoint protection with the Traps Management Service-a Panorama M-200 for managing its VM-Series firewalls-PA-5220s for its internet perimeter,-Prisma SaaS for SaaS security.Which two products can send logs to the Cortex Data Lake? (Choose two).
A. nterface management profile on the zone of the ingress interface
B. one protection profile on the zone of the ingress interface
C. n App-ID security policy rule to block traffic sourcing from the untrust zone
D. ecurity profiles to security policy rules for traffic sourcing from the untrust zone
عرض الإجابة
اجابة صحيحة: CD
السؤال #31
When the Cortex Data Lake is sized for Prisma Access mobile users, what is a valid log size range you would use per day. per user?
A. alo Alto Networks keep ports closed by default, only opening ports after understanding the application request, and then opening only the application-specified ports
B. alo Alto Networks does not consider port information, instead relying on App-ID signatures that do not reference ports
C. efault policies block all interzone traffic
D. alo Alto Networks NGFW protects all applications on all ports while leaving all ports opened by default
عرض الإجابة
اجابة صحيحة: D
السؤال #32
Decryption port mirroring is now supported on which platform?
A. 500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-LGS-1TB-1YR
B. 500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-SVC-BAS-PRA-25
C. 500x PAN-GPCS-USER-C-BAS-1YR, 1000x PAN-GPCS-NET-B-BAS-1YRr 1x PAN-LGS-1TB-1YR, 1x PAN-PRA-25, 1x PAN-SVC-BAS-PRA-25
D. x PAN-GPCS-USER-C-BAS-1YR, 1x PAN-GPCS-NET-B-BAS-1YR, 1x PAN-LGS-1TB-1YR
عرض الإجابة
اجابة صحيحة: D
السؤال #33
Which two options describe use cases of internal and external tags in Panorama? (Choose two.)
A. DN code hooks can help to detonate malicious file samples designed to detect virtual environments
B. raffic can be automatically redirected using static Address objects
C. XLAN or NVGRE traffic is terminated and inspected for translation to VLANs
D. ontrollers can program firewalls using a REST-based API
عرض الإجابة
اجابة صحيحة: AC
السؤال #34
Which capacity license does an administrator get with a pay-as-you-go license on Public Cloud market places?
A. M-100
B. M-1000
C. M-300
D. M-200
عرض الإجابة
اجابة صحيحة: A
السؤال #35
Which two components must be configured within User-ID on a new firewall that has been implemented? (Choose two.)
A. reate a footnote within the SLR generation tool
B. dit the Key-Findings text to list the other types of categories that may be of interest
C. emove unwanted categories listed under 'High Risk' and use relevant information
D. roduce the report and edit the PDF manually
عرض الإجابة
اجابة صحيحة: AC

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: