EMT Practice Test

1. Question Content...


Question List

Question1: Complete the statement. A security profile can block or allow traffic.

Question2: The firewall sends employees an application block page when they try to access Youtube.
Which Security policy rule is blocking the youtube application?

Question3: Arrange the correct order that the URL classifications are processed within the system.

Question4: A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base.
On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days.
Based on the information, how is the SuperApp traffic affected after the 30 days have passed?

Question5: At which point in the app-ID update process can you determine if an existing policy rule is affected by an app-ID update?

Question6: What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

Question7: Match the network device with the correct User-ID technology.

Question8: Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

Question9: Which two security profile types can be attached to a security policy? (Choose two.)

Question10: How often does WildFire release dynamic updates?

Question11: Which two security profile types can be attached to a security policy? (Choose two.)

Question12: An administrator would like to see the traffic that matches the interzone-default rule in the traffic logs.
What is the correct process to enable this logging1?

Question13: At which stage of the cyber-attack lifecycle would the attacker attach an infected PDF file to an email?

Question14: Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?

Question15: Match the network device with the correct User-ID technology.

Question16: How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

Question17: Given the image, which two options are true about the Security policy rules. (Choose two.)

Question18: Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)

Question19: Place the following steps in the packet processing order of operations from first to last.

Question20: Which firewall plane provides configuration, logging, and reporting functions on a separate processor?

Question21: Given the topology, which zone type should zone A and zone B to be configured with?

Question22: The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

Question23: Given the topology, which zone type should zone A and zone B to be configured with?

Question24: What is the purpose of the automated commit recovery feature?

Question25: Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

Question26: Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

Question27: Match each feature to the DoS Protection Policy or the DoS Protection Profile.

Question28: Which option lists the attributes that are selectable when setting up an Application filters?

Question29: Which two configuration settings shown are not the default? (Choose two.)

Question30: In a security policy what I the quickest way to rest all policy rule hit counters to zero?

Question31: In which stage of the Cyber-Attack Lifecycle would the attacker inject a PDF file within an email?

Question32: Based on the screenshot what is the purpose of the included groups?

Question33: Which service protects cloud-based applications such as Dropbox and Salesforce by administering permissions and scanning files for sensitive information?

Question34: When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

Question35: Based on the security policy rules shown, ssh will be allowed on which port?

Question36: Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.
Complete the security policy to ensure only Telnet is allowed.
Security Policy: Source Zone: Internal to DMZ Zone __________services "Application defaults", and action = Allow

Question37: In the example security policy shown, which two websites fcked? (Choose two.)

Question38: Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

Question39: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Step 1 - Select network tab
Step 2 - Select zones from the list of available items
Step 3 - Select Add
Step 4 - Specify Zone Name
Step 5 - Specify Zone Type
Step 6 - Assign interfaces as needed

Question40: Which administrator type utilizes predefined roles for a local administrator account?

Question41: A server-admin in the USERS-zone requires SSH-access to all possible servers in all current and future Public Cloud environments. All other required connections have already been enabled between the USERS- and the OUTSIDE-zone. What configuration-changes should the Firewall-admin make?

Question42: Match each feature to the DoS Protection Policy or the DoS Protection Profile.

Question43: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated?
(Choose two.)

Question44: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Question45: Which data flow direction is protected in a zero trust firewall deployment that is not protected in a perimeter-only firewall deployment?

Question46: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

Question47: Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.)

Question48: Which license must an Administrator acquire prior to downloading Antivirus Updates for use with the firewall?

Question49: To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?

Question50:
Given the topology, which zone type should interface E1/1 be configured with?

Question51: Based on the screenshot what is the purpose of the group in User labelled ''it"?

Question52: Which action results in the firewall blocking network traffic without notifying the sender?

Question53: Based on the show security policy rule would match all FTP traffic from the inside zone to the outside zone?

Question54: Based on the graphic which statement accurately describes the output shown in the server monitoring panel?

Question55: Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?

Question56: Arrange the correct order that the URL classifications are processed within the system.

Question57: Which two features can be used to tag a user name so that it is included in a dynamic user group? (Choose two)

Question58: Complete the statement. A security profile can block or allow traffic____________

Question59: What is the correct process tor creating a custom URL category?

Question60: Match the Cyber-Attack Lifecycle stage to its correct description.

Question61: Which action related to App-ID updates will enable a security administrator to view the existing security policy rule that matches new application signatures?

Question62: Which object would an administrator create to block access to all high-risk applications?

Question63: Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Question64: An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment?

Question65: Complete the statement. A security profile can block or allow traffic.

Question66: You receive notification about new malware that infects hosts through malicious files transferred by FTP.
Which Security profile detects and protects your internal networks from this threat after you update your firewall's threat signature database?

Question67: Arrange the correct order that the URL classifications are processed within the system.

Question68: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question69: Which type of profile must be applied to the Security policy rule to protect against buffer overflows illegal code execution and other attempts to exploit system flaws''

Question70: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question71: Match the network device with the correct User-ID technology.

Question72: What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

Question73: Match the Cyber-Attack Lifecycle stage to its correct description.

Question74: Which statement is true regarding a Prevention Posture Assessment?

Question75: How are Application Fillers or Application Groups used in firewall policy?

Question76: Which type of administrator account cannot be used to authenticate user traffic flowing through the firewall's data plane?

Question77: Given the topology, which zone type should interface E1/1 be configured with?

Question78: Which three configuration settings are required on a Palo Alto Network firewall management interface?
(Choose three.)

Question79: Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Question80: Which two configuration settings shown are not the default? (Choose two.)

Question81: When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

Question82: Which two configuration settings shown are not the default? (Choose two.)

Question83: Which two statements are correct regarding multiple static default routes when they are configured as shown in the image? (Choose two.)

Question84: Which two statements are correct about App-ID content updates? (Choose two.)

Question85: Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.)

Question86: In the example security policy shown, which two websites would be blocked? (Choose two.)

Question87: The firewall sends employees an application block page when they try to access Youtube.
Which Security policy rule is blocking the youtube application?

Question88: Match the Cyber-Attack Lifecycle stage to its correct description.

Question89: Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?

Question90: Which file is used to save the running configuration with a Palo Alto Networks firewall?

Question91: Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)

Question92: Which two settings allow you to restrict access to the management interface? (Choose two )

Question93: Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Question94: Based on the security policy rules shown, ssh will be allowed on which port?

Question95: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Question96: Recently changes were made to the firewall to optimize the policies and the security team wants to see if those changes are helping.
What is the quickest way to reset the hit counter to zero in all the security policy rules?

Question97: Which interface does not require a MAC or IP address?

Question98: An administrator would like to override the default deny action for a given application and instead would like to block the traffic and send the ICMP code "communication with the destination is administratively prohibited" Which security policy action causes this?

Question99: Access to which feature requires the PAN-OS Filtering license?

Question100: In the example security policy shown, which two websites would be blocked? (Choose two.)

Question101: What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

Question102: Which Security Profile can provide protection against ICMP floods, based on individual combinations of a packet's source and destination IP addresses?

Question103: Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

Question104: What is considered best practice with regards to committing configuration changes?

Question105: What in the minimum frequency for which you can configure the firewall too check for new wildfire antivirus signatures?

Question106: What must you configure to enable the firewall to access multiple Authentication Profiles to authenticate a non- local account?