Exam Domain 3 – Operate Flashcards

1
Q
131. A firewall can forward log events to which two types of log formats? (Choose two.)
A. XES
B. SNMP
C. Http
D. databases using xml format
E. NCSA
A

B. SNMP

C. Http

2
Q
  1. How does a firewall forward log events to an external destination?
    A. They are sent in batches at the frequency specified in the destination’s Server Profile.
    B. They are queued and sent in batches at differing intervals depending on the event
    severity.
    C. They are sent as quickly as the required QoS policy rule governing log event traffic allows.
    D. They are sent in real time as the firewall generates them.
A

D. They are sent in real time as the firewall generates them.

3
Q
  1. Which two firewall logs can be exported using the Scheduled Log Export function? (Choose
    two.)
    A. Configuration
    B. System
    C. Traffic
    D. URL
A

C. Traffic

D. URL

4
Q
  1. Which filter finds all log entries for traffic that originates from the internal device whose IP
    address is 172.17.1.3 and according to the header appears to be HTTP or HTTPS?
    A. ( addr.src in 172.17.1.3 ) and ( ( port.dst eq 80 ) or ( port.dst eq 443 ) )
    B. ( ( addr.src in 172.17.1.3 ) and ( port.dst eq 80 ) ) or ( port.dst eq 443 )
    C. ( src.addr in 172.17.1.3 ) and ( ( dst.port eq 80 ) or ( dst.port eq 443 ) )
    D. ( ( src.addr in 172.17.1.3 ) and ( dst.port eq 80 ) ) or ( dst.port eq 443 )
A

A. ( addr.src in 172.17.1.3 ) and ( ( port.dst eq 80 ) or ( port.dst eq 443 ) )

5
Q
  1. Which two log files would you use if you suspect that a rogue administrator is modifying
    the firewall’s rulebase to allow and hide illicit traffic? (Choose two.)
    A. Traffic
    B. Threat
    C. Data Filtering
    D. Configuration
    E. System
A

D. Configuration

E. System

6
Q
136. Which product is required to use event correlation?
A. next-generation firewall, PA-220
B. Advanced Endpoint Protection
C. Panorama
D. GlobalProtect
A

C. Panorama

7
Q
  1. How would you configure the firewall to control access to a custom DNS application that operates differently from the standard DNS application?
    A. You cannot do it with the next-generation firewall. You need to manually configure a
    proxy.
    B. Create specific rules for the sources and destinations that run this application.
    C. Create a custom DNS application and add it to separate Security policy rules.
    D. Create an Application Override policy and specify the sources and destinations that run
    this application.
A

C. Create a custom DNS application and add it to separate Security policy rules.

8
Q
  1. What are two results of using Application Override policies? (Choose two.)
    A. prevent matching traffic from entering VPN tunnels
    B. apply a specified App-ID label to matching traffic
    C. prevent matching traffic from being logged
    D. cause matching traffic to bypass Content-ID processing
A

B. apply a specified App-ID label to matching traffic

D. cause matching traffic to bypass Content-ID processing

9
Q
139. Which two types of entities can have custom signatures? (Choose two.)
A. services
B. URL categories
C. user groups
D. applications
E. vulnerabilities
A

D. applications

E. vulnerabilities

10
Q
140. Match the upgrade step description with the correct step number.
Upgrade PAN-OS software Step ?
Reboot the firewall Step ?
Update dynamic content Step ?
Activate subscription licenses Step ?
A
Upgrade PAN-OS software Step 3
Reboot the firewall Step 4
Update dynamic content Step 2
Activate subscription licenses Step 1
11
Q
141. Match each component with the order in which the component should be upgraded to a
new version of PAN-OS software.
HA active firewall Step ?
Panorama Step ?
Log Collector Step ?
HA passive firewall Step ?
A
HA active firewall Step 4
Panorama Step 1
Log Collector Step 2
HA passive firewall Step 3
12
Q
  1. How do you upgrade an active/passive HA firewall pair to PAN-OS 10.0 while maintaining
    internet access?
    A. Upgrade the active firewall first, then the passive one.
    B. Upgrade the passive firewall first, then the active one.
    C. Run the upgrade on the active firewall. It will manage the process and upgrade the
    passive firewall.
    D. You must upgrade both members of the pair at the same time, which requires an
    upgrade window that allows downtime.
A

B. Upgrade the passive firewall first, then the active one.

13
Q
143. What is the format of the firewall configuration files?
A. YAML
B. JSON
C. XML
D. CSV
A

C. XML

14
Q
  1. Which method can be used to restore the previous configuration when a new
    configuration committed on a firewall has undesired consequences?
    A. Use the Load configuration version to restore the previous configuration settings, and
    follow with commit.
    B. Use the Rollback commit link in the commit completion message.
    C. Use the Import device state to restore the pre-commit configuration.
    D. Use the Load named configuration snapshot to restore the previous configuration, and
    follow with a commit.
A

A. Use the Load configuration version to restore the previous configuration settings, and
follow with commit.

15
Q
145. Which CLI command do you use to move a configuration file from an external server to a firewall’s local storage?
A. rdist
B. ssh
C. scp
D. rcp
A

C. scp

16
Q
146. Which feature is an intended advantage of an active/active firewall pair versus an
active/passive pair?
A. increased throughput
B. support of asynchronous routing
C. increased session count
D. shared dynamic updates
A

B. support of asynchronous routing

17
Q
  1. Which configuration object does a firewall use to forward HA-related events to an external monitoring technology?
    A. Device > Log Settings > System Log settings
    B. Objects > Log Forwarding Profile > System Log Type
    C. Device > High Availability > General > Event Forwarding
    D. Dashboard > High Availability widget > Notification
A

A. Device > Log Settings > System Log settings

18
Q
  1. Which two Panorama objects can display current HA state information about a managed firewall? (Choose two.)
    A. firewall listings in Monitor > HA Status
    B. firewall specific information in Managed Devices > Health
    C. firewall listings in Managed Devices > Summary
    D. firewall HA Status widget in Dashboard > Widgets
    E. firewall HA status in Panorama > High Availability
A

B. firewall specific information in Managed Devices > Health

C. firewall listings in Managed Devices > Summary

19
Q
  1. Which method is used to connect a firewall to AutoFocus to query data?
    A. Click the AutoFocus link in the firewall management user interface under Device >
    Licenses > AutoFocus
    B. Click the link found in the log events under the firewall’s Monitor > Logs > AutoFocus
    C. Configure the connection using the Dashboard’s AutoFocus widget
    D. Click the link found in the log event under the firewall’s Monitor > threat-related log
    > threat detail
A

D. Click the link found in the log event under the firewall’s Monitor > threat-related log
> threat detail

20
Q
  1. What is a principal benefit of the AutoFocus product?
    A. provide additional threat detection data to the firewall
    B. manage access to SaaS applications through the firewall
    C. provide additional context to previously discovered threats
    D. examine Cortex Data Lake log data for undetected threats
A

C. provide additional context to previously discovered threats

21
Q
  1. After an Applications and Threats dynamic update is downloaded to the firewall, where
    can information about changes to the App-IDs be found?
    A. Summary link in the log event detail reporting the dynamic update file download
    B. Review Policies link at the bottom of the Security policy rules display
    C. Review Apps link appearing next to the downloaded Applications and Threats file
    D. Details link in the dynamic file availability announcement appearing in the News Feed
    widget on the dashboard
A

C. Review Apps link appearing next to the downloaded Applications and Threats file

22
Q
  1. The GlobalProtect Data File dynamic update contains which kinds of data?
    A. GlobalProtect client package software updates for Windows and Macintosh
    B. list of available connection points for Prisma Access
    C. HIP check detection data for the GlobalProtect clients
    D. updates to cipher suites used by the GlobalProtect client
A

C. HIP check detection data for the GlobalProtect clients

23
Q
  1. When application details are viewed in the App-ID database, which field indicates that a
    recent change to the application might affect your Security policy rules?
    A. Name
    B. Depends on
    C. Previously Identified As
    D. App-ID Enabled
A

C. Previously Identified As

24
Q
  1. How are HA firewall pairs kept in sync when Panorama pushes dynamic updates?
    A. Panorama delivers the dynamic update to the active firewall(s) of the HA pair and
    updates the passive partner when a failover occurs in active/passive pairs.
    B. Panorama delivers the update to one firewall, which syncs with its HA partner.
    C. Panorama delivers the dynamic update to both firewalls simultaneously.
    D. Panorama delivers the dynamic update to the active firewall, which triggers the passive
    partner to request the file from Panorama.
A

C. Panorama delivers the dynamic update to both firewalls simultaneously.

25
Q
155. Which type of device can receive the Antivirus content update?
A. Log Collector
B. firewall
C. AutoFocus
D. MineMeld
A

B. firewall

26
Q
  1. Which requirement must a Panorama meet to update a managed firewall’s antivirus
    signatures?
    A. The PAN-OS versions on the firewall and Panorama must be the same.
    B. Panorama and the firewall must be able to connect to the Palo Alto Networks update
    server.
    C. The update must be installed on Panorama before it is installed on any firewalls.
    D. Panorama must download an antivirus file version compatible with the target firewall’s
    PAN-OS version.
A

D. Panorama must download an antivirus file version compatible with the target firewall’s
PAN-OS version.