EMT Practice Test
1. Question Content...
Question2: Which statement best describes the use of Policy Optimizer?
Question4: A Security Profile can block or allow traffic at which point?
Question8: What Policy Optimizer policy view differ from the Security policy do?
Question9: Based on the security policy rules shown, ssh will be allowed on which port?
Question10: Which component is a building block in a Security policy rule?
Question11: Which type of address object is www.paloaltonetworks.com?
Question12: Match the Cyber-Attack Lifecycle stage to its correct description.
Question15: How often does WildFire release dynamic updates?
Question16: Which tab would an administrator click to create an address object?
Question24: In which profile should you configure the DNS Security feature?
Question25: Why should a company have a File Blocking profile that is attached to a Security policy?
Question31: What is used to monitor Security policy applications and usage?
Question33: To what must an interface be assigned before it can process traffic?
Question34: Which path in PAN-OS 10.0 displays the list of port-based security policy rules?
Question35: Which definition describes the guiding principle of the zero-trust architecture?
Question36: What is the main function of the Test Policy Match function?
Question37: Which operations are allowed when working with App-ID application tags?
Question40: Which file is used to save the running configuration with a Palo Alto Networks firewall?
Question41: What are two valid selections within an Anti-Spyware profile? (Choose two.)
Question42: Which two addresses should be reserved to enable DNS sinkholing? (Choose two.)
Question43: Why does a company need an Antivirus profile?
Question46: Based on the screenshot what is the purpose of the included groups?
Question47: 
Given the topology, which zone type should interface E1/1 be configured with?
Question53: What are the two default behaviors for the intrazone-default policy? (Choose two.)
Question64: How does the Policy Optimizer policy view differ from the Security policy view?
Question67: Where in Panorama Would Zone Protection profiles be configured?
Question82: What are the two main reasons a custom application is created? (Choose two.)
Question85: Which security profile should be used to classify malicious web content?
Question90: What can be used as match criteria for creating a dynamic address group?
Question92: How many zones can an interface be assigned with a Palo Alto Networks firewall?
Question95: Which statement is true about Panorama managed devices?
Question96: Match each feature to the DoS Protection Policy or the DoS Protection Profile.
Question101: What is the purpose of the automated commit recovery feature?
Question107: Which three types of Source NAT are available to users inside a NGFW? (Choose three.)
Question113: Which statement is true regarding a Best Practice Assessment?
Question114: What do dynamic user groups you to do?
Question120: What are three valid ways to map an IP address to a username? (Choose three.)
Question121: What is the correct process tor creating a custom URL category?
Question122: What must be considered with regards to content updates deployed from Panorama?
Question133: Which interface type is part of a Layer 3 zone with a Palo Alto Networks firewall?
Question136: How do you reset the hit count on a security policy rule?
Question137: Match each rule type with its example
Question140: Which two configuration settings shown are not the default? (Choose two.)
Question154: Which action can be performed when grouping rules by group tags?
Question155: What is the maximum volume of concurrent administrative account sessions?















