EMT Practice Test

1. Question Content...


Question List

Question1: What are three considerations when deploying User-ID? (Choose three.)

Question2: What are the three benefits of the Palo Alto Networks migration tool? (Choose three.)

Question3: A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds.
How is this goal accomplished?

Question4: What are three considerations when deploying User-ID? (Choose three.)

Question5: As you prepare to scan your Amazon S3 account, what enables Prisma service permission to access Amazon S3?

Question6: A prospective customer was the victim of a zero-day attack that compromised specific employees, who then became unwitting attack vectors. The customer does not want that to happen again.
Which two Palo Alto Networks platform components will help this customer? (Choose two.)

Question7: Which two of the following does decryption broker provide on a NGFW? (Choose two.)

Question8: Which two features are found in Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)

Question9: Palo Alto Networks publishes updated Command and Control signatures.
How frequently should the related signatures schedule be set?

Question10: Which two components must to be configured within User-ID on a new firewall that has been implemented? (Choose two.)

Question11: What are three considerations when deploying User-ID? (Choose three.)

Question12: Which CLI allows you to view the names of SD-WAN policy rules that send traffic to the specified virtual SD-WAN interface, along with the performance metrics?

Question13: What is the HA limitation specific to the PA-200 appliance?

Question14: Which certificate can be used to ensure that traffic coming from a specific server remains encrypted?

Question15: Which Palo Alto Networks security platform component should an administrator use to extend policies to remote users are not connecting to the internet from behind a firewall?

Question16: An endpoint, inside an organization, is infected with known malware. The malware attempts to make a command and control connection to a C&C server via the destination IP address.
Which mechanism prevent this connection from succeeding?

Question17: There are different Master Keys on Panorama and managed firewalls.
What is the result if a Panorama Administrator pushes configuration to managed firewalls?

Question18: When log sizing is factored for the Cortex Data Lake on the NGFW, what is the average log size used in calculation?

Question19: Which selection must be configured on PAN-OS External Dynamic Lists to support MineMeld indicators?

Question20: What is the basis for purchasing Cortex XDR licensing?

Question21: In which two cases should the Hardware offering of Panorama be chosen over the Virtual Offering? (Choose two.)

Question22: Which domain permissions are required by the User-ID Agent for WMI Authentication on a Windows Server? (Choose three.)

Question23: Which Palo Alto Networks pre-sales tool involves approximately 4 hour interview to discuss a customer's current security posture?

Question24: Which two actions can be taken to enforce protection from brute force attacks in the security policy? (Choose two.)

Question25: What is the key benefit of Palo Alto Networks Single Pass Parallel Processing design?

Question26: What are three considerations when deploying User-ID? (Choose three.)

Question27: A customer with a legacy firewall architecture is focused on port and protocol level security, and has heard that next generation firewalls open all ports by default.
What is the appropriate rebuttal that positions the value of a NGFW over a legacy firewall?

Question28: Which three policies or certificates must be configured for SSL Forward Proxy decryption?
(Choose three.)

Question29: Which three features are used to prevent abuse of stolen credentials? (Choose three.)

Question30: In which two ways can PAN-OS software consume MineMeld outputs? (Choose two.)

Question31: Which functionality is available to firewall users with an active Threat Prevention subscription, but no WildFire license?

Question32: Which option is required to activate/retrieve a Device Management License on the M.100 Appliance after the Auth Codes have been activated on the Palo Alto Networks Support Site?

Question33: What are three considerations when deploying User-ID? (Choose three.)

Question34: Which profile or policy should be applied to protect against port scans from the internet?

Question35: What are three considerations when deploying User-ID? (Choose three.)

Question36: Palo Alto Networks maintains a dynamic database of malicious domains. Which two Security Platform components use this database to prevent threats? (Choose two)

Question37: What are three considerations when deploying User-ID? (Choose three.)

Question38: A service provider has acquired a pair of PA-7080s for its data center to secure its customer base's traffic. The server provider's traffic is largely generated by smart phones and averages
6,000,000 concurrent sessions.
Which Network Processing Card should be recommended in the Bill of Materials?

Question39: An endpoint, inside an organization, is infected with known malware. The malware attempts to make a command and control connection to a C&C server via the destination IP address.
Which mechanism prevent this connection from succeeding?

Question40: What are three best practices for running an Ultimate Test Drive (UTD)? (Choose three.)

Question41: How often are regularly scheduled update for the Anti-virus Application, Threats, and Wildfire subscription databases made available by Palo Alto Networks in PAN-OS 8.0?

Question42: Which two designs require virtual systems? (Choose two.)

Question43: An Administrator needs a PDF summary report that contains information compiled from existing reports based on data for the Top five(5) in each category.
Which two timeframe options are available to send this report? (Choose two.)

Question44: Which is the smallest Panorama solution that can be used to manage up to 2500 Palo Alto Networks Next Generation firewalls?

Question45: What are three considerations when deploying User-ID? (Choose three.)

Question46: How often are the databases for Anti-virus. Application, Threats, and WildFire subscription updated?

Question47: What are three considerations when deploying User-ID? (Choose three.)

Question48: You have enabled the WildFire ML for PE files in the antivirus profile and have added the profile to the appropriate firewall rules. When you go to Palo Alto Networks WildFire test av file and attempt to download the test file it is allowed through. In order to verify that the machine learning is working from the command line, which command returns a valid result?

Question49: What aspect of PAN-OS allows for the NGFW admin to create a policy that provides auto- remediation for anomalous user behavior and malicious activity while maintaining user visibility?

Question50: An endpoint, inside an organization, is infected with known malware. The malware attempts to make a command and control connection to a C&C server via the destination IP address.
Which mechanism prevent this connection from succeeding?