EMT Practice Test

1. Question Content...


Question List

Question1: What are three Palo Alto Networks best practices when implementing the DNS Security Service? (Choose three.)

Question2: Which User Credential Detection method should be applied within a URL Filtering Security profile to check for the submission of a valid corporate username and the associated password?

Question3: What are three valid ways to map an IP address to a username? (Choose three.)

Question4: When is the content inspection performed in the packet flow process?

Question5: The Palo Alto Networks NGFW was configured with a single virtual router named VR-1 What changes are required on VR-1 to route traffic between two interfaces on the NGFW?

Question6: When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

Question7: Based on the security policy rules shown, ssh will be allowed on which port?

Question8: The firewall sends employees an application block page when they try to access Youtube.
Which Security policy rule is blocking the youtube application?

Question9: Which license is required to use the Palo Alto Networks built-in IP address EDLs?

Question10: Palo Alto Networks firewall architecture accelerates content map minimizing latency using which two components'? (Choose two )

Question11: Given the cyber-attack lifecycle diagram identify the stage in which the attacker can run malicious code against a vulnerability in a targeted machine.

Question12: Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?

Question13: An administrator would like to use App-ID's deny action for an application and would like that action updated with dynamic updates as new content becomes available.
Which security policy action causes this?

Question14: A server-admin in the USERS-zone requires SSH-access to all possible servers in all current and future Public Cloud environments. All other required connections have already been enabled between the USERS- and the OUTSIDE-zone. What configuration-changes should the Firewall-admin make?

Question15: The NetSec Manager asked to create a new firewall Local Administrator profile with customized privileges named NewAdmin. This new administrator has to authenticate without inserting any username or password to access the WebUI.
What steps should the administrator follow to create the New_Admin Administrator profile?

Question16: Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Question17: How are Application Fillers or Application Groups used in firewall policy?

Question18: Match the network device with the correct User-ID technology.

Question19: Which action results in the firewall blocking network traffic without notifying the sender?

Question20: What do dynamic user groups you to do?

Question21: What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?

Question22: An administrator is implementing an exception to an external dynamic list by adding an entry to the list manually. The administrator wants to save the changes, but the OK button is grayed out.
What are two possible reasons the OK button is grayed out? (Choose two.)

Question23: Which service protects cloud-based applications such as Dropbox and Salesforce by administering permissions and scanning files for sensitive information?

Question24: A Security Profile can block or allow traffic at which point?

Question25: Match the cyber-attack lifecycle stage to its correct description.

Question26: Which three statement describe the operation of Security Policy rules or Security Profiles? (Choose three)

Question27: Which URL profiling action does not generate a log entry when a user attempts to access that URL?

Question28: Which feature would be useful for preventing traffic from hosting providers that place few restrictions on content, whose services are frequently used by attackers to distribute illegal or unethical material?

Question29: Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.)

Question30: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question31: What is the default metric value of static routes?

Question32: You have been tasked to configure access to a new web server located in the DMZ Based on the diagram what configuration changes are required in the NGFW virtual router to route traffic from the 10 1 1 0/24 network to 192 168 1 0/24?

Question33: What is considered best practice with regards to committing configuration changes?

Question34: Based on the security policy rules shown, ssh will be allowed on which port?

Question35: You receive notification about new malware that is being used to attack hosts. The malware exploits a software bug in common application.
Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

Question36: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question37: Based on the show security policy rule would match all FTP traffic from the inside zone to the outside zone?

Question38: Match the network device with the correct User-ID technology.

Question39: An address object of type IP Wildcard Mask can be referenced in which part of the configuration?

Question40: Which administrator type utilizes predefined roles for a local administrator account?

Question41: Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?

Question42: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question43: The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

Question44: Which Security policy match condition would an administrator use to block traffic from IP addresses on the Palo Alto Networks EDL of Known Malicious IP Addresses list?

Question45: Assume a custom URL Category Object of "NO-FILES" has been created to identify a specific website How can file uploading/downloading be restricted for the website while permitting general browsing access to that website?

Question46: Which statement is true regarding a Heatmap report?

Question47: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Question48: If users from the Trusted zone need to allow traffic to an SFTP server in the DMZ zone, how should a Security policy with App-ID be configured?
A)

B)

C)

D)

Question49: Which two configuration settings shown are not the default? (Choose two.)

Question50: A website is unexpectedly allowed due to miscategorization.
What are two ways to resolve this issue for a proper response? (Choose two.)

Question51: An administrator is updating Security policy to align with best practices.
Which Policy Optimizer feature is shown in the screenshot below?

Question52: Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Question53: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question54: Which firewall feature do you need to configure to query Palo Alto Networks service updates over a data-plane interface instead of the management interface?

Question55: What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

Question56: The firewall sends employees an application block page when they try to access Youtube.
Which Security policy rule is blocking the youtube application?

Question57: An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone The administrator does not want to allow traffic between the DMZ and LAN zones.
Which Security policy rule type should they use?

Question58: Place the following steps in the packet processing order of operations from first to last.

Question59: What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

Question60: Given the image, which two options are true about the Security policy rules. (Choose two.)

Question61: Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

Question62: What are the requirements for using Palo Alto Networks EDL Hosting Sen/ice?

Question63: Match the Cyber-Attack Lifecycle stage to its correct description.

Question64: An administrator would like to see the traffic that matches the mterzone-default rule in the traffic togs What is the correct process to enable this logging1?

Question65: Assume a custom URL Category Object of "NO-FILES" has been created to identify a specific website.
How can file uploading/downloading be restricted for the website while permitting general browsing access to that website?

Question66: Match the network device with the correct User-ID technology.

Question67: What must be considered with regards to content updates deployed from Panorama?

Question68: An internal host needs to connect through the firewall using source NAT to servers of the internet.
Which policy is required to enable source NAT on the firewall?

Question69: Given the topology, which zone type should you configure for firewall interface E1/1?

Question70: Based on the security policy rules shown, ssh will be allowed on which port?

Question71: Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)

Question72: Which URL profiling action does not generate a log entry when a user attempts to access that URL?

Question73: During the App-ID update process, what should you click on to confirm whether an existing policy rule is affected by an App-ID update?

Question74: Given the topology, which zone type should zone A and zone B to be configured with?

Question75: How frequently can wildfire updates be made available to firewalls?

Question76: Which Security policy action will message a user's browser thai their web session has been terminated?

Question77: A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base.
On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days.
Based on the information, how is the SuperApp traffic affected after the 30 days have passed?

Question78: Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Question79: What is a recommended consideration when deploying content updates to the firewall from Panorama?

Question80: Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)

Question81: Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?

Question82: What must be configured before setting up Credential Phishing Prevention?

Question83: Match the Cyber-Attack Lifecycle stage to its correct description.

Question84: If using group mapping with Active Directory Universal Groups, what must you do when configuring the User-ID?

Question85: Which type of address object is www.paloaltonetworks.com?

Question86: Which statement is true about Panorama managed devices?

Question87: Which three types of authentication services can be used to authenticate user traffic flowing through the firewall's data plane? (Choose three.)

Question88: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question89: An administrator is reviewing another administrator s Security policy log settings Which log setting configuration is consistent with best practices tor normal traffic?

Question90: By default, which action is assigned to the interzone-default rule?

Question91: Which statement best describes the use of Policy Optimizer?

Question92: Which administrator type utilizes predefined roles for a local administrator account?

Question93: Which administrative management services can be configured to access a management interface?

Question94: Which path in PAN-OS 10.0 displays the list of port-based security policy rules?

Question95: Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.)

Question96: Which two rule types allow the administrator to modify the destination zone? (Choose two )

Question97: The data plane provides which two data processing features of the firewall? (Choose two.)

Question98: When HTTPS for management and GlobalProtect are enabled on the same interface, which TCP port is used for management access?

Question99: An administrator has an IP address range in the external dynamic list and wants to create an exception for one specific IP address in this address range.
Which steps should the administrator take?

Question100: Which component is a building block in a Security policy rule?

Question101: An administrator is configuring a NAT rule
At a minimum, which three forms of information are required? (Choose three.)

Question102: Match the Cyber-Attack Lifecycle stage to its correct description.

Question103: Based on the graphic which statement accurately describes the output shown in the server monitoring panel?

Question104: To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?

Question105: Which Security profile can you apply to protect against malware such as worms and Trojans?

Question106: What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?

Question107: Match each feature to the DoS Protection Policy or the DoS Protection Profile.

Question108: What is the correct process tor creating a custom URL category?

Question109: Which administrator type utilizes predefined roles for a local administrator account?

Question110: Which statement is true regarding a Prevention Posture Assessment?

Question111: An internal host wants to connect to servers of the internet through using source NAT. Which policy is required to enable source NAT on the firewall?

Question112: An administrator is trying to enforce policy on some (but not all) of the entries in an external dynamic list. What is the maximum number of entries that they can be exclude?

Question113: Which three onfiguration settings are required on a Palo Alto networks firewall management interface?

Question114: Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

Question115: An administrator would like to see the traffic that matches the interzone-default rule in the traffic logs.
What is the correct process to enable this logging?

Question116: Based on the show security policy rule would match all FTP traffic from the inside zone to the outside zone?

Question117: Which object would an administrator create to block access to all high-risk applications?

Question118: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question119: An administrator is investigating a log entry for a session that is allowed and has the end reason of aged-out. Which two fields could help in determining if this is normal? (Choose two.)

Question120: Refer to the exhibit. A web server in the DMZ is being mapped to a public address through DNAT.

Which Security policy rule will allow traffic to flow to the web server?

Question121: Why should a company have a File Blocking profile that is attached to a Security policy?

Question122: What must be considered with regards to content updates deployed from Panorama?

Question123: An administrator is reviewing another administrator's Security policy log settings.
Which log setting configuration is consistent with best practices for normal traffic?

Question124: You receive notification about new malware that is being used to attack hosts The malware exploits a software bug in a common application Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

Question125: Which two configuration settings shown are not the default? (Choose two.)

Question126: Which interface type is part of a Layer 3 zone with a Palo Alto Networks firewall?

Question127: Match the Cyber-Attack Lifecycle stage to its correct description.

Question128: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated?
(Choose two.)

Question129: When creating a Panorama administrator type of Device Group and Template Admin, which two things must you create first? (Choose two.)

Question130: The Palo Alto Networks NGFW was configured with a single virtual router named VR-1.
What changes are required on VR-1 to route traffic between two interfaces on the NGFW?

Question131: Starting with PAN_OS version 9.1 which new type of object is supported for use within the user field of a security policy rule?

Question132: What are three differences between security policies and security profiles? (Choose three.)

Question133: Given the topology, which zone type should zone A and zone B to be configured with?

Question134: Refer to the exhibit. A web server in the DMZ is being mapped to a public address through DNAT.

Which Security policy rule will allow traffic to flow to the web server?

Question135: During the packet flow process, which two processes are performed in application identification? (Choose two.)

Question136: Based on the security policy rules shown, ssh will be allowed on which port?

Question137: Match the network device with the correct User-ID technology.

Question138: Which path in PAN-OS 9.0 displays the list of port-based security policy rules?

Question139: Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP -to-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufactures.
Given the scenario, choose the option for sending IP-to-user mappings to the NGFW.

Question140: Based on the Security policy rules shown, SSH will be allowed on which port?

Question141: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

Question142: Which update option is not available to administrators?

Question143: Place the following steps in the packet processing order of operations from first to last.

Question144: Which two security profile types can be attached to a security policy? (Choose two.)

Question145: Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

Question146: In a Security policy, what is the quickest way to reset all policy rule hit counters to zero?

Question147: What can be achieved by selecting a policy target prior to pushing policy rules from Panorama?

Question148: What does an application filter help you to do?

Question149: Given the image, which two options are true about the Security policy rules. (Choose two.)

Question150: Which two security profile types can be attached to a security policy? (Choose two.)

Question151: Which three filter columns are available when setting up an Application Filter? (Choose three.)

Question152: Given the topology, which zone type should interface E1/1 be configured with?

Question153: What is an advantage for using application tags?

Question154: Match the Palo Alto Networks Security Operating Platform architecture to its description.

Question155: An administrator is reviewing another administrator s Security policy log settings.
Which log setting configuration is consistent with best practices tor normal traffic?

Question156: What can be achieved by disabling the Share Unused Address and Service Objects with Devices setting on Panorama?

Question157: An administrator wants to prevent access to media content websites that are risky Which two URL categories should be combined in a custom URL category to accomplish this goal? (Choose two)

Question158: Based on the graphic which statement accurately describes the output shown in the server monitoring panel?

Question159: Which prevention technique will prevent attacks based on packet count?

Question160: An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released.
Which object should the administrator use as a match condition in the Security policy?

Question161: Arrange the correct order that the URL classifications are processed within the system.

Question162: Which statement is true regarding a Best Practice Assessment?

Question163: Which two firewall components enable you to configure SYN flood protection thresholds? (Choose two.)

Question164: Palo Alto Networks firewall architecture accelerates content inspection performance while minimizing latency using which two components? (Choose two.)

Question165: View the diagram. What is the most restrictive, yet fully functional rule, to allow general Internet and SSH traffic into both the DMZ and Untrust/lnternet zones from each of the lOT/Guest and Trust Zones?

Question166: Match the cyber-attack lifecycle stage to its correct description.

Question167: In which profile should you configure the DNS Security feature?

Question168: Arrange the correct order that the URL classifications are processed within the system.

Question169: In the example security policy shown, which two websites would be blocked? (Choose two.)

Question170: Which statement is true about Panorama managed devices?

Question171: Place the following steps in the packet processing order of operations from first to last.

Question172: Place the following steps in the packet processing order of operations from first to last.

Question173: Which three interface deployment methods can be used to block traffic flowing through the Palo Alto Networks firewall? (Choose three.)

Question174: Place the steps in the correct packet-processing order of operations.

Question175: Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Question176: An administrator wishes to follow best practices for logging traffic that traverses the firewall Which log setting is correct?

Question177: Assume that traffic matches a Security policy rule but the attached Security Profiles is configured to block matching traffic Which statement accurately describes how the firewall will apply an action to matching traffic?

Question178: Match the cyber-attack lifecycle stage to its correct description.

Question179: Access to which feature requires the PAN-OS Filtering license?

Question180: Drag and Drop Question
Place the steps in the correct packet-processing order of operations.
Select and Place:

Question181: Which Security profile can you apply to protect against malware such as worms and Trojans?

Question182: Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Question183: Starting with PAN-OS version 9.1, application dependency information is now reported in which two locations? (Choose two.)

Question184: Which option is part of the content inspection process?

Question185: Which license must an Administrator acquire prior to downloading Antivirus Updates for use with the firewall?

Question186: Based on the security policy rules shown, ssh will be allowed on which port?

Question187: Which file is used to save the running configuration with a Palo Alto Networks firewall?

Question188: In which stage of the Cyber-Attack Lifecycle would the attacker inject a PDF file within an email?

Question189: Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

Question190: Which rule type is appropriate for matching traffic occurring within a specified zone?

Question191: Arrange the correct order that the URL classifications are processed within the system.

Question192: How many zones can an interface be assigned with a Palo Alto Networks firewall?

Question193: How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

Question194: Place the steps in the correct packet-processing order of operations.

Question195: Based on the security policy rules shown, ssh will be allowed on which port?

Question196: Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.
Complete the security policy to ensure only Telnet is allowed.
Security Policy: Source Zone: Internal to DMZ Zone __________services "Application defaults", and action = Allow

Question197: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question198: How do you reset the hit count on a security policy rule?

Question199: Given the topology, which zone type should interface E1/1 be configured with?

Question200: Which statement is true about Panorama managed devices?

Question201: Which type of administrative role must you assign to a firewall administrator account, if the account must include a custom set of firewall permissions?

Question202: When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

Question203: Drag and Drop Question
Arrange the correct order that the URL classifications are processed within the system.
Select and Place:

Question204: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question205: Which action would an administrator take to ensure that a service object will be available only to the selected device group?

Question206: What are three factors that can be used in domain generation algorithms? (Choose three.)

Question207: Match each rule type with its example

Question208: Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate malicious code against a targeted machine.

Question209: Given the image, which two options are true about the Security policy rules. (Choose two.)

Question210: Which type of profile must be applied to the Security policy rule to protect against buffer overflows illegal code execution and other attempts to exploit system flaws''

Question211: Match each feature to the DoS Protection Policy or the DoS Protection Profile.

Question212: Based on the screenshot, what is the purpose of the Included Groups?

Question213: Which object would an administrator create to enable access to all applications in the office-programs subcategory?

Question214: Starting with PAN-OS version 9.1, application dependency information is now reported in which two locations? (Choose two.)

Question215: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question216: Which type of security policy rule will match traffic that flows between the Outside zone and inside zone, but would not match traffic that flows within the zones?

Question217: Arrange the correct order that the URL classifications are processed within the system.

Question218: In which profile should you configure the DNS Security feature?

Question219: Arrange the correct order that the URL classifications are processed within the system.

Question220: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Question221: An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment?

Question222: Your company occupies one floor in a single building. You have two Active Directory domain controllers on a single network. The firewall's management plane is only slightly utilized.
Which User-ID agent is sufficient in your network?

Question223: An administrator has configured a Security policy where the matching condition includes a single application and the action is deny If the application s default deny action is reset-both what action does the firewall take*?

Question224: Recently changes were made to the firewall to optimize the policies and the security team wants to see if those changes are helping.
What is the quickest way to reset the hit counter to zero in all the security policy rules?

Question225: An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

Question226: An administrator has configured a Security policy where the matching condition includes a single application and the action is deny.
If the application s default deny action is reset-both what action does the firewall take*?

Question227: Based on the graphic which statement accurately describes the output shown in the server monitoring panel?

Question228: Based on the security policy rules shown, ssh will be allowed on which port?

Question229: An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment?

Question230: An administrator would like to create a URL Filtering log entry when users browse to any gambling website. What combination of Security policy and Security profile actions is correct?

Question231: Given the topology, which zone type should zone A and zone B to be configured with?

Question232: In path monitoring, what is used to monitor remote network devices?

Question233: Match the Palo Alto Networks Security Operating Platform architecture to its description.

Question234: An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server.
Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

Question235: Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)

Question236: Match the Cyber-Attack Lifecycle stage to its correct description.

Question237: Which Security profile would you apply to identify infected hosts on the protected network using DNS traffic?

Question238: At which point in the app-ID update process can you determine if an existing policy rule is affected by an app-ID update?

Question239: Based on the security policy rules shown, ssh will be allowed on which port?

Question240: An address object of type IP Wildcard Mask can be referenced in which part of the configuration?

Question241: Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?

Question242: Order the steps needed to create a new security zone with a Palo Alto Networks firewall.

Question243: Which administrator type utilizes predefined roles for a local administrator account?

Question244: What does an administrator use to validate whether a session is matching an expected NAT policy?

Question245: Match the Cyber-Attack Lifecycle stage to its correct description.

Question246: An administrator wants to prevent users from submitting corporate credentials in a phishing attack.
Which Security profile should be applied?

Question247: Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Question248: Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question249: Which definition describes the guiding principle of the zero-trust architecture?

Question250: How often does WildFire release dynamic updates?

Question251: Based on the graphic which statement accurately describes the output shown in the server monitoring panel?

Question252: Place the following steps in the packet processing order of operations from first to last.

Question253: Complete the statement. A security profile can block or allow traffic.

Question254: Based on the security policy rules shown, ssh will be allowed on which port?

Question255: Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.)

Question256: An administrator would like to override the default deny action for a given application, and instead would like to block the traffic and send the ICMP code
"communication with the destination is administratively prohibited".
Which security policy action causes this?

Question257: Which option shows the attributes that are selectable when setting up application filters?

Question258: At which point in the app-ID update process can you determine if an existing policy rule is affected by an app-ID update?

Question259: Which two statements are true for the DNS security service introduced in PAN-OS version 10.0?

Question260: An administrator configured a Security policy rule where the matching condition includes a single application and the action is set to deny. What deny action will the firewall perform?

Question261: Arrange the correct order that the URL classifications are processed within the system.

Question262: Which three configuration settings are required on a Palo Alto networks firewall management interface?

Question263: The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

Question264: Which object would an administrator create to enable access to all applications in the office-programs subcategory?

Question265: Drag and Drop Question
Place the following steps in the packet processing order of operations from first to last.
Select and Place:

Question266: An administrator wants to create a No-NAT rule to exempt a flow from the default NAT rule. What is the best way to do this?

Question267: Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

Question268: Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

Question269: What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?

Question270: Match the Cyber-Attack Lifecycle stage to its correct description.

Question271: When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

Question272: In a security policy what is the quickest way to rest all policy rule hit counters to zero?

Question273: Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate malicious code against a targeted machine.

Question274: When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?