EMT Practice Test
1. Question Content...
Question3: What are three valid ways to map an IP address to a username? (Choose three.)
Question4: When is the content inspection performed in the packet flow process?
Question7: Based on the security policy rules shown, ssh will be allowed on which port?
Question9: Which license is required to use the Palo Alto Networks built-in IP address EDLs?
Question17: How are Application Fillers or Application Groups used in firewall policy?
Question18: Match the network device with the correct User-ID technology.
Question20: What do dynamic user groups you to do?
Question24: A Security Profile can block or allow traffic at which point?
Question25: Match the cyber-attack lifecycle stage to its correct description.
Question31: What is the default metric value of static routes?
Question33: What is considered best practice with regards to committing configuration changes?
Question34: Based on the security policy rules shown, ssh will be allowed on which port?
Question38: Match the network device with the correct User-ID technology.
Question40: Which administrator type utilizes predefined roles for a local administrator account?
Question46: Which statement is true regarding a Heatmap report?
Question47: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.
Question49: Which two configuration settings shown are not the default? (Choose two.)
Question62: What are the requirements for using Palo Alto Networks EDL Hosting Sen/ice?
Question63: Match the Cyber-Attack Lifecycle stage to its correct description.
Question66: Match the network device with the correct User-ID technology.
Question67: What must be considered with regards to content updates deployed from Panorama?
Question69: Given the topology, which zone type should you configure for firewall interface E1/1?
Question70: Based on the security policy rules shown, ssh will be allowed on which port?
Question74: Given the topology, which zone type should zone A and zone B to be configured with?
Question75: How frequently can wildfire updates be made available to firewalls?
Question82: What must be configured before setting up Credential Phishing Prevention?
Question83: Match the Cyber-Attack Lifecycle stage to its correct description.
Question85: Which type of address object is www.paloaltonetworks.com?
Question86: Which statement is true about Panorama managed devices?
Question90: By default, which action is assigned to the interzone-default rule?
Question91: Which statement best describes the use of Policy Optimizer?
Question92: Which administrator type utilizes predefined roles for a local administrator account?
Question94: Which path in PAN-OS 10.0 displays the list of port-based security policy rules?
Question100: Which component is a building block in a Security policy rule?
Question102: Match the Cyber-Attack Lifecycle stage to its correct description.
Question107: Match each feature to the DoS Protection Policy or the DoS Protection Profile.
Question108: What is the correct process tor creating a custom URL category?
Question109: Which administrator type utilizes predefined roles for a local administrator account?
Question110: Which statement is true regarding a Prevention Posture Assessment?
Question122: What must be considered with regards to content updates deployed from Panorama?
Question125: Which two configuration settings shown are not the default? (Choose two.)
Question126: Which interface type is part of a Layer 3 zone with a Palo Alto Networks firewall?
Question127: Match the Cyber-Attack Lifecycle stage to its correct description.
Question133: Given the topology, which zone type should zone A and zone B to be configured with?
Question136: Based on the security policy rules shown, ssh will be allowed on which port?
Question137: Match the network device with the correct User-ID technology.
Question138: Which path in PAN-OS 9.0 displays the list of port-based security policy rules?
Question140: Based on the Security policy rules shown, SSH will be allowed on which port?
Question142: Which update option is not available to administrators?
Question144: Which two security profile types can be attached to a security policy? (Choose two.)
Question148: What does an application filter help you to do?
Question150: Which two security profile types can be attached to a security policy? (Choose two.)
Question152: Given the topology, which zone type should interface E1/1 be configured with?
Question153: What is an advantage for using application tags?
Question159: Which prevention technique will prevent attacks based on packet count?
Question161: Arrange the correct order that the URL classifications are processed within the system.
Question162: Which statement is true regarding a Best Practice Assessment?
Question166: Match the cyber-attack lifecycle stage to its correct description.
Question167: In which profile should you configure the DNS Security feature?
Question168: Arrange the correct order that the URL classifications are processed within the system.
Question170: Which statement is true about Panorama managed devices?
Question174: Place the steps in the correct packet-processing order of operations.
Question178: Match the cyber-attack lifecycle stage to its correct description.
Question179: Access to which feature requires the PAN-OS Filtering license?
Question184: Which option is part of the content inspection process?
Question186: Based on the security policy rules shown, ssh will be allowed on which port?
Question190: Which rule type is appropriate for matching traffic occurring within a specified zone?
Question191: Arrange the correct order that the URL classifications are processed within the system.
Question192: How many zones can an interface be assigned with a Palo Alto Networks firewall?
Question194: Place the steps in the correct packet-processing order of operations.
Question195: Based on the security policy rules shown, ssh will be allowed on which port?
Question198: How do you reset the hit count on a security policy rule?
Question199: Given the topology, which zone type should interface E1/1 be configured with?
Question200: Which statement is true about Panorama managed devices?
Question207: Match each rule type with its example
Question211: Match each feature to the DoS Protection Policy or the DoS Protection Profile.
Question212: Based on the screenshot, what is the purpose of the Included Groups?
Question217: Arrange the correct order that the URL classifications are processed within the system.
Question218: In which profile should you configure the DNS Security feature?
Question219: Arrange the correct order that the URL classifications are processed within the system.
Question228: Based on the security policy rules shown, ssh will be allowed on which port?
Question231: Given the topology, which zone type should zone A and zone B to be configured with?
Question232: In path monitoring, what is used to monitor remote network devices?
Question236: Match the Cyber-Attack Lifecycle stage to its correct description.
Question239: Based on the security policy rules shown, ssh will be allowed on which port?
Question243: Which administrator type utilizes predefined roles for a local administrator account?
Question245: Match the Cyber-Attack Lifecycle stage to its correct description.
Question249: Which definition describes the guiding principle of the zero-trust architecture?
Question250: How often does WildFire release dynamic updates?
Question253: Complete the statement. A security profile can block or allow traffic.
Question254: Based on the security policy rules shown, ssh will be allowed on which port?
Question261: Arrange the correct order that the URL classifications are processed within the system.
Question270: Match the Cyber-Attack Lifecycle stage to its correct description.






















































