لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
A company wants to install a PA-3060 firewall between two core switches on a VLAN trunk link. They need to assign each VLAN to its own zone and to assign untagged (native) traffic to its own zone which options differentiates multiple VLAN into separate zones?
A. Create VLAN objects for each VLAN and assign VLAN interfaces matching each VLAN I
B. Repeat forevery additional VLANand use a VLAN ID of 0 for untagged traffi
C. Assign each interface/subinterface to a unique zone
D. Create V-Wire objects with two V-Wire sub interface and assign only a single VLAN ID to the "Tag Allowed field one of the V-Wire object Repeat for every additional VLAN and use a VIAN ID of 0 for untagged traffi
E. Assign each interface/subinterfaceto a unique zone
F. Create V-Wire objects with two V-Wire interfaces and define a range “0- 4096" in the 'Tag Allowed filed of the V-Wire object
عرض الإجابة
اجابة صحيحة: A
السؤال #2
Which option would an administrator choose to define the certificate and protocol that Panorama and its managed devices use for SSL/TLS services?
A. Configure a Decryption Profile and select SSL/TLS services
B. Set up SSL/TLS under Polices > Service/URL Category>Service
C. Set up Security policy rule to allow SSL communication
D. Configure an SSL/TLS Profile
عرض الإجابة
اجابة صحيحة: C
السؤال #3
Where can an administrator see both the management plane and data plane CPU utilization in the WebUI?
A. System log
B. CPU Utilization widget
C. Resources widget
D. System Utilization log
عرض الإجابة
اجابة صحيحة: B
السؤال #4
A customer wants to set up a VLAN interface for a Layer 2 Ethernet port. Which two mandatory options are used to configure a VLAN interface? (Choose two.)
A. Virtual router
B. Security zone
C. ARP entries
D. Netflow Profile
عرض الإجابة
اجابة صحيحة: AD
السؤال #5
Which Palo Alto Networks VM-Series firewall is valid?
A. VM-25
B. VM-800
C. VM-50
D. VM-400
عرض الإجابة
اجابة صحيحة: A
السؤال #6
Which User-ID method maps IP address to usernames for users connecting through a web proxy that has already authenticated the user?
A. Client Probing
B. Port mapping
C. Server monitoring
D. Syslog listening
عرض الإجابة
اجابة صحيحة: BCD
السؤال #7
Which two features does PAN-OS? software use to identify applications? (Choose two)
A. port number
B. session number
C. transaction characteristics
D. application layer payload
عرض الإجابة
اجابة صحيحة: B
السؤال #8
A logging infrastructure may need to handle more than 10,000 logs per second. Which two options support a dedicated log collector function? (Choose two)
A. Panorama virtual appliance on ESX(i) only
B. M-500
C. M-100 with Panorama installed
D. M-100
عرض الإجابة
اجابة صحيحة: BD
السؤال #9
Which version of GlobalProtect supports split tunneling based on destination domain, client process, and HTTP/HTTPS video streaming application?
A. GlobalProtect version 4
B. GlobalProtect version 4
C. GlobalProtect version 4
D. GlobalProtect version 4
عرض الإجابة
اجابة صحيحة: A
السؤال #10
Which event will happen if an administrator uses an Application Override Policy?
A. Mastered
B. Not Mastered
عرض الإجابة
اجابة صحيحة: D
السؤال #11
For which two reasons would a firewall discard a packet as part of the packet flow sequence? (Choose two )
A. equal-cost multipath
B. ingress processing errors
C. rule match with action "allow"
D. rule match with action "deny"
عرض الإجابة
اجابة صحيحة: D
السؤال #12
The firewall is not downloading IP addresses from MineMeld. Based, on the image, what most likely is wrong?
A. A Certificate Profile that contains the client certificate needs to be selected
B. The source address supports only files hosted with an ftp://
C. External Dynamic Lists do not support SSL connections
D. A Certificate Profile that contains the CA certificate needs to be selected
عرض الإجابة
اجابة صحيحة: D
السؤال #13
An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) received HTTP traffic and host B(10.1.1.101) receives SSH traffic. Which two security policy rules will accomplish this configuration? (Choose two)
A. Untrust (Any) to Untrust (10
B. Untrust (Any) to DMZ (1
C. Untrust (Any) to DMZ (1
D. Untrust (Any) to Untrust (10
عرض الإجابة
اجابة صحيحة: D
السؤال #14
Which two settings can be configured only locally on the firewall and not pushed from a Panorama template or template stack? (Choose two)
A. HA1 IP Address
B. Network Interface Type
C. Master Key
D. Zone Protection Profile
عرض الإجابة
اجابة صحيحة: D
السؤال #15
Which two actions would be part of an automatic solution that would block sites with untrusted certificates without enabling SSL Forward Proxy? (Choose two.)
A. Create a no-decrypt Decryption Policy rule
B. Configure an EDL to pull IP addresses of known sites resolved from a CRL
C. Create a Dynamic Address Group for untrusted sites
D. Create a Security Policy rule with vulnerability Security Profile attached
E. Enable the “Block sessions with untrusted issuers” setting
عرض الإجابة
اجابة صحيحة: B
السؤال #16
An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall. Which priority is correct for the passive firewall?
A. 99
B. 1
C. 255
عرض الإجابة
اجابة صحيحة: AB
السؤال #17
Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS? software?
A. Okta
B. DUO
C. RADIUS
D. PingID
عرض الإجابة
اجابة صحيحة: B
السؤال #18
Which two methods can be configured to validate the revocation status of a certificate? (Choose two.)
A. CRL
B. CRT
C. OCSP
D. Cert-Validation-Profile
E. SSL/TLS Service Profile
عرض الإجابة
اجابة صحيحة: AC
السؤال #19
Which administrative authentication method supports authorization by an external service?
A. Certificates
B. LDAP
C. RADIUS
D. SSH keys
عرض الإجابة
اجابة صحيحة: C
السؤال #20
A network Administrator needs to view the default action for a specific spyware signature. The administrator follows the tabs and menus through Objects> Security Profiles> Anti-Spyware and select default profile. What should be done next?
A. Click the simple-critical rule and then click the Action drop-down list
B. Click the Exceptions tab and then click show all signatures
C. View the default actions displayed in the Action column
D. Click the Rules tab and then look for rules with "default" in the Action column
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.