EMT Practice Test

1. Question Content...


Question List

Question1: A customer has a pair of Panorama HA appliances tunning local log collectors and wants to have log redundancy on logs forwarded from firewalls Which two configuration options fulfill the customer's requirement for log redundancy? (Choose two)

Question2: What is the purpose of the WildFire Analysis Profile in a security policy?

Question3: Which log type would you consult to diagnose why a specific URL is being blocked?

Question4: Which license is required to use the Cortex XDR Managed Threat Hunting service?

Question5: Which touting configuration should you recommend lo a customer who wishes lo actively use multiple pathways to the same destination?

Question6: Instead of disabling App-IDs regularly, a security policy rule is going to be configured to temporarily allow new App-IDs. In which two circumstances is it valid to disable App-IDs as part of content update-?
(Choose two)

Question7: A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an "allow any" rule What should the consultant say about Expedition?

Question8: What happens when a packet from an existing session is received by a firewall that

Question9: What configuration is necessary for Active/Active HA to synchronize sessions between peers?

Question10: Identity the Stakeholder with their Role when planning a Firewall Panorama, and Cortex XDR Deployment

Question11: TAC has requested a PCAP on your Panorama lo see why the DNS app is having intermittent issues resolving FODN What is the appropriate CLI command1*

Question12: In an HA (High Availability) setup, what is the purpose of the HA3 link?

Question13: Which command would you use to view the current sessions on a Palo Alto firewall?

Question14: Which Panorama operational mode is necessary to manage a large number of firewalls and also act as a log collector?

Question15: In an environment using User-ID, what role does the User-ID agent play?

Question16: A customer has a five-year-old firewall in production in the time since the firewall was installed, the IT team deleted unused security policies on a regular basis but they did not remove the address objects and groups that were part ofthese security policies.
What is the best way to delete all of the unused address objects on the firewall?

Question17: In Panorama, what is the correct order of precedence for security policies?

Question18: Which interface deployments support the Aggregate Ethernet Active configuration? (Choose three.)

Question19: What feature should be used to decrypt and inspect inbound SSL traffic without having to install a certificate on the client devices?

Question20: In Panorama the web interface displays the security rules in evaluation order Organize the security rules m the order in which they will be evaluated?

Question21: What command can you use to check the status of GlobalProtect clients connected to the firewall?

Question22: Which of the following must be enabled to use Threat Prevention features such as Anti-Virus and Anti-Spyware on a firewall?

Question23: Which two types of security profiles are recommended to protect against known and unknown threats?
(Choose two)

Question24: A customer who has a multi-tenant environment needs the administrator to be restricted lo specific objects and policies in the virtual system within its tenant How can an administrators access be restricted?

Question25: A customer has deployed a GlobalProtect portal and gateway as its remote-access VPN solution for its fleet of Windows 10 laptops The customer wants to use Host information Profile (HIP) data collected at the GlobalProtect gateway throughout its enterprise as an additional means of policy enforcement What additional licensing must the customer purchase?

Question26: Which two conditions must be met for a firewall to successfully forward traffic to a syslog server? (Choose two)

Question27: An existing customer who has deployed several Palo Alto Networks Next-Generation Firewalls would like to start using Device-ID to obtain policy rule recommendations They have also purchased a Support license, a Threat license a URL Filtering license, and a WildFire license for each firewall What additional license do they need to purchase"?

Question28: Which of the following is a primary use case for the Decryption Broker feature?

Question29: Which of the following Palo Alto Networks features can help reduce the attack surface by limiting the number of applications allowed through the firewall?

Question30: A customer has deployed a GlobalProtect portal and gateway as its remote-access VPN solution for its fleet of Windows 10 laptops The customer wants to use Host information Profile (HIP) data collected at the GlobalProtect gateway throughout its enterprise as an additional means of policy enforcement What additional licensing must the customer purchase?