EMT Practice Test

1. Question Content...


Question List

Question1: How often are the databases for Anti-virus. Application, Threats, and WildFire subscription updated?

Question2: Which statement is true about Deviating Devices and metrics?

Question3: The ability to prevent users from resolving internet protocol (IP) addresses to malicious, grayware, or newly registered domains is provided by which Security service?

Question4: Which proprietary technology solutions will allow a customer to identify and control traffic sources regardless of internet protocol (IP) address or network segment?

Question5: Which is the smallest Panorama solution that can be used to manage up to 2500 Palo Alto Networks Next Generation firewalls?

Question6: A client chooses to not block uncategorized websites.
Which two additions should be made to help provide some protection? (Choose two.)

Question7: Which functionality is available to firewall users with an active Threat Prevention subscription, but no WildFire license?

Question8: Decryption port mirroring is now supported on which platform?

Question9: In Panorama, which three reports or logs will help identify the inclusion of a host source in a command-and-control (C2) incident? (Choose three.)

Question10: Select the BOM for the Prisma Access, to provide access for 5500 mobile users and 10 remote locations (100Mbps each) for one year, including Base Support and minimal logging. The customer already has 4x PA5220r 8x PA3220,1x Panorama VM for 25 devices.

Question11: WildFire can discover zero-day malware in which three types of traffic? (Choose three)

Question12: What is an advantage of having WildFire machine learning (ML) capability Inline on the firewall?

Question13: Which three signature-based Threat Prevention features of the firewall are informed by intelligence from the Threat Intelligence Cloud? (Choose three.)

Question14: Which domain permissions are required by the User-ID Agent for WMI Authentication on a Windows Server?
(Choose three.)

Question15: Which CLI command allows visibility into SD-WAN events such as path Selection and path quality measurements?

Question16: A customer is designing a private data center to host their new web application along with a separate headquarters for users.
Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?

Question17: Which two configuration items are required when the NGFW needs to act as a decryption broker for multiple transparent bridge security chains? (Choose two.)

Question18: A potential customer requires an NGFW solution which enables high-throughput, low-latency network security, all while incorporating unprecedented features and technology. They need a solution that solves the performance problems that plague today's security infrastructure.
Which aspect of the Palo Alto Networks NGFW capabilities can you highlight to help them address the requirements?

Question19: What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?

Question20: A customer has business-critical applications that rely on the general web-browsing application. Which security profile can help prevent drive-by-downloads while still allowing web-browsing traffic?

Question21: When the Cortex Data Lake is sized for Traps Management Service, which two factors should be considered?
(Choose two.)

Question22: Which two tabs in Panorama can be used to identify templates to define a common base configuration?
(Choose two.)

Question23: in which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data, applications, assets, and services (DAAS) be identified?

Question24: When the Cortex Data Lake is sized for Prisma Access mobile users, what is a valid log size range you would use per day. per user?

Question25: When HTTP header logging is enabled on a URL Filtering profile, which attribute-value can be logged?

Question26: What can be applied to prevent users from unknowingly downloading malicious file types from the internet?

Question27: How do you configure the rate of file submissions to WildFire in the NGFW?

Question28: Which two components must be configured within User-ID on a new firewall that has been implemented?
(Choose two.)

Question29: Which profile or policy should be applied to protect against port scans from the internet?

Question30: XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy.
Which two features must be enabled to meet the customer's requirements? (Choose two.)

Question31: How frequently do WildFire signatures move into the antivirus database?

Question32: An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer.
The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)

Question33: A customer requires protections and verdicts for portable executable (PE) and executable and linkable format (ELF), as well as the ability to integrate with existing security tools.
Which Cloud-Delivered Security Service (CDSS) does Palo Alto Networks provide that will address this requirement?

Question34: There are different Master Keys on Panorama and managed firewalls.
What is the result if a Panorama Administrator pushes configuration to managed firewalls?

Question35: What are two core values of the Palo Alto Network Security Operating Platform? (Choose two.}

Question36: A price-sensitive customer wants to prevent attacks on a Windows Virtual Server. The server will max out at
100Mbps but needs to have 45.000 sessions to connect to multiple hosts within a data center Which VM instance should be used to secure the network by this customer?

Question37: Which statement best describes the business value of Palo Alto Networks Zero Touch Provisioning (ZTP)?

Question38: Palo Alto Networks publishes updated Command-and-Control signatures. How frequently should the related signatures schedule be set?

Question39: Which CLI command will allow you to view latency, jitter and packet loss on a virtual SD-WAN interface?

Question40:
What action would address the sub-optimal traffic path shown in the figure?
Key:
RN - Remote Network
SC - Service Connection
MU GW - Mobile User Gateway

Question41: Which filtering criterion is used to determine users to be included as members of a dynamic user group (DUG)?

Question42: In an HA pair running Active/Passive mode, over which interface do the dataplanes communicate?

Question43: In PAN-OS 10.0 and later, DNS Security allows policy actions to be applied based on which three domains?
(Choose three.)

Question44: Which selection must be configured on PAN-OS External Dynamic Lists to support MineMeld indicators?

Question45: Which three categories are identified as best practices in the Best Practice Assessment tool? (Choose three.)

Question46: Which solution informs a customer concerned about zero-day targeted attacks whether an attack is specifically targeted at its property?

Question47: When having a customer pre-sales call, which aspects of the NGFW should be covered?

Question48: A customer is looking for an analytics tool that uses the logs on the firewall to detect actionable events on the network. They require something to automatically process a series of related threat events that, when combined, indicate a likely compromised host on their network or some other higher level conclusion. They need to pinpoint the area of risk, such as compromised hosts on the network, allows you to assess the risk and take action to prevent exploitation of network resources.
Which feature of PAN-OS can you talk about to address their requirement to optimize their business outcomes?

Question49: Which three of the following actions must be taken to enable Credential Phishing Prevention? (Choose three.)

Question50: What are three purposes for the Eval Systems, Security Lifecycle Reviews and Prevention Posture Assessment tools? (Choose three.)

Question51: Which security profile on the NGFW includes signatures to protect you from brute force attacks?

Question52: A customer with a legacy firewall architecture is focused on port and protocol level security, and has heard that next generation firewalls open all ports by default. What is the appropriate rebuttal that positions the value of a NGFW over a legacy firewall?

Question53: A customer is starting to understand their Zero Trust protect surface using the Palo Alto Networks Zero Trust reference architecture.
What are two steps in this process? (Choose two.)

Question54: A customer is concerned about malicious activity occurring directly on their endpoints and will not be visible to their firewalls.
Which three actions does the Traps agent execute during a security event, beyond ensuring the prevention of this activity? (Choose three.)

Question55: A prospective customer currently uses a firewall that provides only Layer 4 inspection and protections. The customer sees traffic going to an external destination, port 53, but cannot determine what Layer 7 application traffic is going over that port Which capability of PAN-OS would address the customer's lack of visibility?

Question56: A customer with a legacy firewall architecture is focused on port and protocol level security, and has heard that next generation firewalls open all ports by default. What is the appropriate rebuttal that positions the value of a NGFW over a legacy firewall?

Question57: What are three key benefits of the Palo Alto Networks platform approach to security? (Choose three)

Question58: The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile information needed to monitor network security.
The firewall provides which three types of reports? (Choose three.)

Question59: Which Palo Alto Networks pre-sales tool involves approximately 4 hour interview to discuss a customer's current security posture?

Question60: Which three actions should be taken before deploying a firewall evaluation unt in a customer environment?
(Choose three.)

Question61: Which license is required to receive weekly dynamic updates to the correlation objects on the firewall and Panorama?

Question62: Which statement applies to Palo Alto Networks Single Pass Parallel Processing (SP3)?

Question63: Which Palo Alto Networks security component should an administrator use to and NGFW policies to remote users?

Question64: What two types of certificates are used to configure SSL Forward Proxy? (hoose two.)

Question65: What are two advantages of the DNS Sinkholing feature? (Choose two.)

Question66: What helps avoid split brain in active / passive high availability (HA) pair deployment?