EMT Practice Test

1. Question Content...


Question List

Question1: Which operations are allowed when working with App-ID application tags?

Question2: Which three types of authentication services can be used to authenticate user traffic flowing through the firewalls data plane? (Choose three )

Question3: What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

Question4: Match the network device with the correct User-ID technology.

Question5: Which the app-ID application will you need to allow in your security policy to use facebook-chat?

Question6: Which feature would be useful for preventing traffic from hosting providers that place few restrictions on content, whose services are frequently used by attackers to distribute illegal or unethical material?

Question7: The PowerBall Lottery has reached a high payout amount and a company has decided to help employee morale by allowing employees to check the number, but doesn't want to unblock the gambling URL category.
Which two methods will allow the employees to get to the PowerBall Lottery site without the company unlocking the gambling URL category? (Choose two.)

Question8: A Security Profile can block or allow traffic at which point?

Question9: You receive notification about new malware that is being used to attack hosts The malware exploits a software bug in a common application Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

Question10: Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

Question11: Access to which feature requires the PAN-OS Filtering license?

Question12: Which file is used to save the running configuration with a Palo Alto Networks firewall?

Question13: Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?

Question14: Based on the screenshot what is the purpose of the included groups?

Question15: Which path is used to save and load a configuration with a Palo Alto Networks firewall?

Question16: Which plane on a Palo alto networks firewall provides configuration logging and reporting functions on a separate processor?

Question17: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

Question18: Recently changes were made to the firewall to optimize the policies and the security team wants to see if those changes are helping.
What is the quickest way to reset the hit counter to zero in all the security policy rules?

Question19: Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate malicious code against a targeted machine.

Question20: What action will inform end users when their access to Internet content is being restricted?

Question21: Which update option is not available to administrators?

Question22: What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

Question23: Which link in the web interface enables a security administrator to view the security policy rules that match new application signatures?

Question24: Which firewall plane provides configuration, logging, and reporting functions on a separate processor?

Question25: How is the hit count reset on a rule?

Question26: Which type of profile must be applied to the Security policy rule to protect against buffer overflows illegal code execution and other attempts to exploit system flaws''

Question27: What are three factors that can be used in domain generation algorithms? (Choose three.)

Question28: What must be configured before setting up Credential Phishing Prevention?

Question29: How often does WildFire release dynamic updates?

Question30: Given the topology, which zone type should you configure for firewall interface E1/1?

Question31: Which license is required to use the Palo Alto Networks built-in IP address EDLs?

Question32: Which built-in IP address EDL would be useful for preventing traffic from IP addresses that are verified as unsafe based on WildFire analysis Unit 42 research and data gathered from telemetry?

Question33: Which stage of the cyber-attack lifecycle makes it important to provide ongoing education to users on spear phishing links, unknown emails, and risky websites?

Question34: Which interface type can use virtual routers and routing protocols?

Question35: Based on the screenshot what is the purpose of the group in User labelled ''it"?

Question36: During the packet flow process, which two processes are performed in application identification? (Choose two.)

Question37: You receive notification about a new malware that infects hosts An infection results in the infected host attempting to contact a command-and-control server Which Security Profile when applied to outbound Security policy rules detects and prevents this threat from establishing a command-and-control connection?

Question38: An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment?

Question39: Which protocol used to map username to user groups when user-ID is configured?

Question40: Which Security profile would you apply to identify infected hosts on the protected network using DNS traffic?

Question41: What is the main function of the Test Policy Match function?

Question42: Which component is a building block in a Security policy rule?

Question43: Which option is part of the content inspection process?

Question44: Match the Cyber-Attack Lifecycle stage to its correct description.

Question45: Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?

Question46: Match each feature to the DoS Protection Policy or the DoS Protection Profile.

Question47: Which two statements are true for the DNS security service introduced in PAN-OS version 10.0?

Question48: The Palo Alto Networks NGFW was configured with a single virtual router named VR-1 What changes are required on VR-1 to route traffic between two interfaces on the NGFW?

Question49: How many zones can an interface be assigned with a Palo Alto Networks firewall?

Question50: An administrator would like to silently drop traffic from the internet to a ftp server.
Which Security policy action should the administrator select?

Question51: What is a recommended consideration when deploying content updates to the firewall from Panorama?

Question52: When creating a custom URL category object, which is a valid type?

Question53: Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.
Complete the security policy to ensure only Telnet is allowed.
Security Policy: Source Zone: Internal to DMZ Zone __________services "Application defaults", and action = Allow

Question54: Which URL Filtering profile action would you set to allow users the option to access a site only if they provide a URL admin password?

Question55: Which statements is true regarding a Heatmap report?

Question56: Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

Question57: According to the best practices for mission critical devices, what is the recommended interval for antivirus updates?

Question58: For the firewall to use Active Directory to authenticate users, which Server Profile is required in the Authentication Profile?

Question59: Which action results in the firewall blocking network traffic with out notifying the sender?

Question60: Access to which feature requires PAN-OS Filtering licens?

Question61: Given the topology, which zone type should interface E1/1 be configured with?

Question62: Which two features can be used to tag a username so that it is included in a dynamic user group? (Choose two.)

Question63: Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

Question64: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Question65: An administrator wants to prevent access to media content websites that are risky Which two URL categories should be combined in a custom URL category to accomplish this goal? (Choose two)

Question66: Which prevention technique will prevent attacks based on packet count?

Question67: Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

Question68: All users from the internal zone must be allowed only Telnet access to a server in the DMZ zone. Complete the two empty fields in the Security Policy rules that permits only this type of access.

Choose two.

Question69: Match the cyber-attack lifecycle stage to its correct description.

Question70: What is the correct process tor creating a custom URL category?

Question71: A network has 10 domain controllers, multiple WAN links, and a network infrastructure with bandwidth needed to support mission-critical applications. Given the scenario, which type of User-ID agent is considered a best practice by Palo Alto Networks?

Question72: Given the image, which two options are true about the Security policy rules. (Choose two.)

Question73: What is an advantage for using application tags?

Question74: What is the main function of Policy Optimizer?

Question75: Which type of address object is "10 5 1 1/0 127 248 2"?