
1-What is the key benefit of Palo Alto Networks Single Pass Parallel Processing
design?
*Only one processor is needed to complete all the functions within the box
2-Which security profile on the NGFW includes signatures to protect you from brute
force attacks?
*Vulnerability Protection Profile
3-The need for a file proxy solution, virus and spyware scanner, a vulnerability
scanner, and HTTP decoder for URL filtering is handled by which component in the
NGFW?
*Stream-based Signature Engine
4-A customer is looking for an analytics tool that uses the logs on the firewall to
detect actionable events on the network. They require something to automatically
process a series of related threat events that, when combined, indicate a likely
compromised host on their network or some other higher level conclusion. They need
to pinpoint the area of risk, such as compromised hosts on the network, so that they
can assess the risk and take action to prevent exploitation of network resources.
Which feature of PAN-OS can you talk about to address their requirement to optimize
their business outcomes?
*The Automated Correlation Engine
5-Which two email links, contained in SMTP and POP3, can be submitted from WildFire
analysis with a WildFire subscription? (Choose two.)
*HTTPS/HTTP
6-What two types of certificates are used to configure SSL Forward Proxy? (Choose
two.)
*Enterprise CA-signed certificates/Self-Signed certificates
7-Which two of the following does decryption broker provide on a NGFW? (Choose
two.)
*Decryption broker allows you to offload SSL decryption to the Palo Alto Networks
next-generation firewall and decrypt traffic only once
*Eliminates the need for a third party SSL decryption option which allows you to
reduce the total number of third party devices performing analysis and enforcement
8-There are different Master Keys on Panorama and managed firewalls.
What is the result if a Panorama Administrator pushes configuration to managed
firewalls?
*The push operation will fail regardless of an error or not within the
configuration itself
9-Which task would be identified in Best Practice Assessment tool?
*identify sanctioned and unsanctioned SaaS applications
10-A customer requests that a known spyware threat signature be triggered based on
a rate of occurrence, for example, 10 hits in 5 seconds.
How is this goal accomplished?
*Create a custom spyware signature matching the known signature with the time
attribute
11-Which two features are found in Palo Alto Networks NGFW but are absent in a
legacy firewall product? (Choose two.)
*Policy match is based on application / Identification of application is possible
on any port
12-For customers with high bandwidth requirements for Service Connections, what two
limitations exist when onboarding multiple Service Connections to the same
Prisma Access location servicing a single Datacenter? (Choose two.)
*Network segments in the Datacenter need to be advertised to only one Service
Connection
*A maximum of four service connections per Datacenter are supported with this
topology
13-Which three categories are identified as best practices in the Best Practice
Assessment tool? (Choose three.)
*identify sanctioned and unsanctioned SaaS applications / measure the adoption of
URL filters, App-ID, User-ID / use of decryption policies
14-You have a prospective customer that is looking for a way to provide secure
temporary access to contractors for a designated period of time. They currently add
contractors to existing user groups and create ad hoc policies to provide network
access. They admit that once the contractor no longer needs access to the network,
administrators are usually too busy to manually delete policies that provided
access to the contractor. This has resulted in over-provisioned access that has
allowed unauthorized access to their systems.
They are looking for a solution to automatically remove access for contractors once
access is no longer required.
You address their concern by describing which feature in the NGFW?
*Dynamic User Groups
15-Which methods are used to check for Corporate Credential Submissions? (Choose
three.)
*Group Mapping / IP User Mapping / Domain Credential Filter
16-WildFire subscription supports analysis of which three types? (Choose three.)
*7-Zip / Flash / ISO
17-The WildFire Inline Machine Learning is configured using which Content-ID
profiles?
*Antivirus Profile
18-In an HA pair running Active/Passive mode, over which interface do the
dataplanes communicate?
*HA2
19-A potential customer requires an NGFW solution which enables high-throughput,
low-latency network security, all while incorporating unprecedented features and
technology. They need a solution that solves the performance problems that plague
today's security infrastructure.
Which aspect of the Palo Alto Networks NGFW capabilities can you highlight to help
them address the requirements?
*SP3 (Single Pass Parallel Processing)
20-What filtering criteria is used to determine what users to include as members of
a dynamic user group?
*Tags
21-Which three features are used to prevent abuse of stolen credentials? (Choose
three.)
*multi-factor authentication / WildFire Profiles / SSL decryption rules
22-A customer has business-critical applications that rely on the general web-
browsing application. Which security profile can help prevent drive-by-downloads
while still allowing web-browsing traffic?
* File Blocking Profile
23-Which three settings must be configured to enable Credential Phishing
Prevention? (Choose three.)
*validate credential submission detection / enable User-ID / define URL Filtering
Profile
24-A customer with a legacy firewall architecture is focused on port and protocol
level security, and has heard that next generation firewalls open all ports by
default.
What is the appropriate rebuttal that positions the value of a NGFW over a legacy
firewall?
* Palo Alto Networks keep ports closed by default, only opening ports after
understanding the application request, and then opening only the application-
specified ports
25-Which four actions can be configured in an Anti-Spyware profile to address
command-and-control traffic from compromised hosts? (Choose four.)
*Reset / Drop / Allow / Alert
26-What are three valid sources that are supported for user IP address mapping in
Palo Alto Networks NGFW? (Choose three.)
*Client Probing / Active Directory monitoring / eDirectory monitoring
27-Which CLI allows you to view the names of SD-WAN policy rules that send traffic
to the specified virtual SD-WAN interface, along with the performance metrics?
*>show sdwan rule vif sdwan.x
28-Which two actions can be taken to enforce protection from brute force attacks in
the security policy? (Choose two.)
*Install content updates that include new signatures to protect against emerging
threats
*Attach the vulnerability profile to a security rule
29-A customer is concerned about zero-day targeted attacks against its intellectual
property.
Which solution informs a customer whether an attack is specifically targeted at
them?
*Cortex XDR Prevent
30-Which three actions should be taken before deploying a firewall evaluation unit
in the customer's environment? (Choose three.)
*Reset the evaluation unit to factory default to ensure that data from any previous
customer evaluation is removed
*Upgrade the evaluation unit to the most current recommended firmware, unless a demo
of the upgrade process is planned
*Inform the customer that they will need to provide a SPAN port for the evaluation
unit assuming a TAP mode deployment
31-Which three activities can the botnet report track? (Choose three.)
*Accessing domains registered in the last 30 days / Launching a P2P application /
Using dynamic DNS domain providers
32-A customer requires protections and verdicts for PE (portable executable) and
ELF (executable and linkable format) as well as integration with products and
services that can also access the immediate verdicts to coordinate enforcement to
prevent successful attacks.
What competitive feature does Palo Alto Networks provide that will address this
requirement?
* WildFire
33-Which statement is true about Deviating Devices and metrics?
*A metric health baseline is determined by averaging the health performance for a
given metric over seven days plus the standard deviation
35-Palo Alto Networks publishes updated Command-and-Control signatures.
How frequently should the related signatures schedule be set?
*Once a week
36-Which two methods will help avoid Split Brain when running HA in Active/Active
mode? (Choose two.)
*Configure a Backup HA1 Interface / Configure a Heartbeat Backup
37-Which three script types can be analyzed in WildFire? (Choose three.)
*JScript / PythonScript / VBScript
38-What helps avoid split brain in active/passive HA pair deployment?
*Use the management interface as the HA1 backup link
40-What are three considerations when deploying User-ID? (Choose three.)
*Specify included and excluded networks when configuring User-ID / Only enable
User-ID on trusted zones
*Use a dedicated service account for User-ID services with the minimal permissions
necessary
41-Which three considerations should be made prior to installing a decryption
policy on the NGFW? (Choose three.)
*Include all traffic types in decryption policy / Inability to access websites /
Exclude certain types of traffic in decryption policy
42-Which three components are specific to the Query Builder found in the Custom
Report creation dialog of the firewall? (Choose three.)
*Connector / Operator / Attribute
43-Which CLI command allows you to view SD-WAN events such as path selection and
path quality measurements?
* >show sdwan event
44-Which three steps in the cyberattack lifecycle does Palo Alto Networks Security
Operating Platform prevent? (Choose three.)
*deliver the malware / exfiltrate data / lateral movement
45-Which profile or policy should be applied to protect against port scans from the
internet?
*Zone protection profile on the zone of the ingress interface
46-Which two products are included in the Prisma Brand? (Choose two.)
*Prisma Cloud Compute / Prisma Cloud Enterprise
47-Which three platform components can identify and protect against malicious email
links? (Choose three.)
* WildFire public cloud / WF-500 / M-200
48-When having a customer pre-sales call, which aspects of the NGFW should be
covered?
*Palo Alto Networks URL Filtering allows you to monitor and control the sites users
can access, to prevent phishing attacks by controlling the sites to which users can
submit valid corporate credentials, and to enforce safe search for search engines
like Google and Bing
49-
