EMT Practice Test

1. Question Content...


Question List

Question1: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question2: Based on the security policy rules shown, ssh will be allowed on which port?

Question3: Which two security profile types can be attached to a security policy? (Choose two.)

Question4: Which action related to App-ID updates will enable a security administrator to view the existing security policy rule that matches new application signatures?

Question5: Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate malicious code against a targeted machine.

Question6: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Step 1 - Select network tab
Step 2 - Select zones from the list of available items
Step 3 - Select Add
Step 4 - Specify Zone Name
Step 5 - Specify Zone Type
Step 6 - Assign interfaces as needed

Question7: Based on the screenshot what is the purpose of the included groups?

Question8: Which firewall plane provides configuration, logging, and reporting functions on a separate processor?

Question9: Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

Question10: In which stage of the Cyber-Attack Lifecycle would the attacker inject a PDF file within an email?

Question11: Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Question12: Which type security policy rule would match traffic flowing between the inside zone and outside zone within the inside zone and within the outside zone?

Question13: Arrange the correct order that the URL classifications are processed within the system.

Question14: Which license must an administrator acquire prior to downloading Antivirus updates for use with the firewall?

Question15: What is an advantage for using application tags?

Question16: Which three statement describe the operation of Security Policy rules or Security Profiles? (Choose three)

Question17: Which license must an Administrator acquire prior to downloading Antivirus Updates for use with the firewall?

Question18: Which interface type can use virtual routers and routing protocols?

Question19: Which two statements are true for the DNS security service introduced in PAN-OS version 10.0?

Question20: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

Question21: The firewall sends employees an application block page when they try to access Youtube.
Which Security policy rule is blocking the youtube application?

Question22: A server-admin in the USERS-zone requires SSH-access to all possible servers in all current and future Public Cloud environments. All other required connections have already been enabled between the USERS- and the OUTSIDE-zone. What configuration-changes should the Firewall-admin make?

Question23: Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Question24: What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

Question25: How often does WildFire release dynamic updates?

Question26: Match the network device with the correct User-ID technology.

Question27: A company moved its old port-based firewall to a new Palo Alto Networks NGFW 60 days ago. Which utility should the company use to identify out-of-date or unused rules on the firewall?

Question28: Which operations are allowed when working with App-ID application tags?

Question29: Which path in PAN-OS 10.0 displays the list of port-based security policy rules?

Question30: Match the Cyber-Attack Lifecycle stage to its correct description.

Question31: Which plane on a Palo alto networks firewall provides configuration logging and reporting functions on a separate processor?

Question32: In which profile should you configure the DNS Security feature?

Question33: A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base.
On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days.
Based on the information, how is the SuperApp traffic affected after the 30 days have passed?

Question34: Which option lists the attributes that are selectable when setting up an Application filters?

Question35: Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

Question36: Which two App-ID applications will need to be allowed to use Facebook-chat? (Choose two.)

Question37: Which administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server.
Which security profile components will detect and prevent this threat after the firewall`s signature database has been updated?

Question38: Which URL profiling action does not generate a log entry when a user attempts to access that URL?

Question39: Which service protects cloud-based applications such as Dropbox and Salesforce by administering permissions and scanning files for sensitive information?

Question40: Which statement is true regarding a Prevention Posture Assessment?