Exam Domain 5 – Core Concepts Flashcards

1
Q
  1. What is the correct order of evaluation between the Security policy and the NAT policy?
    A. NAT policy evaluated, Security policy evaluated, NAT policy applied, Security policy
    applied
    B. NAT policy evaluated, NAT policy applied, Security policy evaluated, Security policy
    applied
    C. NAT policy evaluated, Security policy evaluated, Security policy applied, NAT policy
    applied
    D. Security policy evaluated, NAT evaluated, NAT policy applied, Security policy applied
A

C. NAT policy evaluated, Security policy evaluated, Security policy applied, NAT policy applied

2
Q
  1. Which two statements are true regarding firewall policy? (Choose two.)
    A. All policy rules are evaluated, and the most specific rule will match.
    B. Policy rules are evaluated from the top down, and the first rule matched processes the
    traffic.
    C. Interzone traffic is allowed by default.
    D. Intrazone traffic is allowed by default.
    E. Outbound traffic is allowed by default. Only inbound traffic is evaluated.
A

B. Policy rules are evaluated from the top down, and the first rule matched processes the traffic.

D. Intrazone traffic is allowed by default.

3
Q
  1. Which firewall operation order is correct?
    A. decryption, check allowed ports, App-ID identification, check Security policy
    B. decryption, App-ID identification, check allowed ports, check Security policy
    C. check allowed ports, decryption, App-ID identification, check Security policy
    D. decryption, App-ID identification, check Security policy, check allowed ports
A

C. check allowed ports, decryption, App-ID identification, check Security policy

4
Q
178. Packet Buffer Protection defends against which type of denial-of-service attack?
A. from distributed sessions
B. from a single App-ID source
C. from multiple App-ID sources
D. from a single session
A

D. from a single session

5
Q
  1. Which defense is turned on when a Packet Buffer Protection event is detected?
    A. SYN cookie management of attacking session traffic
    B. Random Early Drop of packets from the attacking session
    C. block all packets from the attacking session for the configured duration
    D. block all packets from the attacking IP address for the configured duration
A

B. Random Early Drop of packets from the attacking session

6
Q
180. A URL Filtering Profile is part of which type of identification?
A. App-ID
B. Content-ID
C. User-ID
D. Service
A

B. Content-ID

7
Q
181. Which stage of the attack lifecycle is most likely to be stopped by dividing the network into separate security zones and enabling packet-based zone protection?
A. Reconnaissance
B. Execution
C. Lateral movement
D. Data exfiltration
A

A. Reconnaissance

8
Q
182. Which component can tell you if an attack is an APT or a broad attack designed to produce a botnet for future abuse?
A. next-generation firewall
B. WildFire
C. MineMeld
D. AutoFocus
A

D. AutoFocus

9
Q
183. User-ID maps users to which type of information?
A. MAC addresses
B. IP addresses
C. IP address and port number
D. port numbers
A

B. IP addresses

10
Q
184. User-ID uses which protocol to map between user identities and groups?
A. NetBIOS
B. LDAP
C. syslog
D. HTTPS
A

B. LDAP

11
Q
185. What format do you use when calling the API to inform the firewall of a new IP address-to-User-ID mapping?
A. XML
B. JSON
C. YAML
D. Base64
A

A. XML

12
Q
186. On a PA-7000 Series firewall, which management function runs on a separate, dedicated card?
A. configuration management
B. logging
C. reporting
D. management web service
A

B. logging

13
Q
  1. Do some next-generation firewall models use FPGA chips?
    A. no, never
    B. yes, on the data plane, but only on higher-end models
    C. yes, on the management plane, but only on higher-end models
    D. on both the data plane and the management plane, but only on higher-end models
A

B. yes, on the data plane, but only on higher-end models

14
Q
188. Which function resides on the management plane?
A. App-ID matching
B. route lookup
C. policy match
D. logging
A

D. logging

15
Q
189. Which parameter is important for QoS policy match decisions?
A. App-ID
B. Content-ID
C. User-ID
D. Ingress interface
A

A. App-ID

16
Q
190. What is the maximum number of QoS classes supported by the next-generation firewall?
A. 4
B. 8
C. 16
D. 32
A

B. 8

17
Q
191. Which file type is not supported by WildFire?
A. iOS
B. Android
C. Windows PE
D. Microsoft Excel
A

A. iOS

18
Q
  1. The firewall will skip the upload to WildFire in which three cases? (Choose three.)
    A. The file has been signed by a trusted signer.
    B. The file is being uploaded rather than downloaded.
    C. The file is an attachment in an email.
    D. The file hash matches a previous submission.
    E. The file is larger than 50MB.
    F. The file is transferred through HTTPS.
A

A. The file has been signed by a trusted signer.

D. The file hash matches a previous submission.
E. The file is larger than 50MB.

19
Q
193. Which feature is not supported on the WF-500 appliance?
A. Bare metal analysis
B. Microsoft Windows XP 32-bit analysis
C. Microsoft Windows 7 64-bit analysis
D. static analysis
A

A. Bare metal analysis

20
Q
194. What are the two purposes of multi-factor authentication? (Choose two.)
A. reduce the value of stolen passwords
B. simplify password resets
C. reduce and prevent password sharing
D. ensure strong passwords
E. provide single sign-on functionality
A

A. reduce the value of stolen passwords

C. reduce and prevent password sharing

21
Q
195. Which MFA factor is not supported by the next-generation firewall?
A. voice
B. push
C. SMS
D. S/Key
A

D. S/Key

22
Q
  1. What is the meaning of setting the source user to known-user in an Authentication policy
    rule?
    A. The user identity is known (linked to an IP address), but the resource is sensitive
    enough to require additional authentication.
    B. The next-generation firewall will demand user authentication, and only then will the
    resource be available.
    C. The source device is a known device that is used only by a single person.
    D. The firewall attempts to match only users defined in the firewall’s local user database.
A

A. The user identity is known (linked to an IP address), but the resource is sensitive
enough to require additional authentication.

23
Q
197. What are the two Captive Portal modes? (Choose two.)
A. proxy
B. transparent
C. web form
D. certificate
E. redirect
A

B. transparent

E. redirect

24
Q
198. Which action is not required when multi-factor authentication and a SAML Identity
Provider (IdP) are configured?
A. create an Authentication policy rule
B. configure NTLM settings
C. create an Authentication object
D. create an Authentication Profile
A

B. configure NTLM settings

25
Q
  1. An Authentication policy rule has a HIP Profile. Where are the users being authenticated
    coming from?
    A. internal devices, such as Linux workstations
    B. external devices belonging to customers of the organization
    C. internal servers running UNIX (Solaris, HPUX, AIX, etc.)
    D. GlobalProtect connections through the internet
A

D. GlobalProtect connections through the internet

26
Q
  1. A company has strict security requirements that require inspection of every connection
    between two internal computers. Those internal computers are connected and disconnected
    by non-technical users in an environment without a DHCP server. How does traffic get
    forwarded between those internal computers?
    A. a switch
    B. a firewall configured as a switch, with Layer 2 interfaces
    C. a firewall configured as a router, with Layer 3 interfaces
    D. a firewall in TAP mode or Virtual Mirror mode
A

B. a firewall configured as a switch, with Layer 2 interfaces

27
Q
  1. Two links to the internet go through two ISPs (for backup purposes). Link A has a lower
    latency, and link B supports a higher bandwidth. How would you force a specific application to
    use only Link B when the route table enables the application to use either link?
    A. specify the application in a Policy Based Forwarding rule
    B. specify the application in the virtual router’s route table
    C. specify the application in a QoS policy rule
    D. specify the application in an Application Override policy rule
A

A. specify the application in a Policy Based Forwarding rule

28
Q
  1. Can you put a device on each end of a VPN tunnel on the same Ethernet segment?
    A. No, because this requirement never happens.
    B. No, because Ethernet at Layer 2 is a lower layer than a Layer 3 VPN tunnel.
    C. Yes, if you tunnel Ethernet over IP.
    D. Yes, because VPN tunnels can be Layer 2 tunnels.
A

C. Yes, if you tunnel Ethernet over IP.

29
Q
203. Which action specifies that Security Profiles are relevant in a policy rule?
A. deny
B. drop
C. reset
D. allow
A

D. allow

30
Q
  1. Are files quarantined while WildFire checks if they are malware or legitimate?
    A. always yes
    B. always no
    C. by default, yes, but you can change the settings
    D. by default, no, but you can change the settings
A

B. always no

31
Q
205. Which feature of the next-generation firewall allows you to block websites that are not
business-appropriate?
A. App-ID
B. File Blocking
C. Exploit Protection
D. URL Filtering
A

D. URL Filtering

32
Q
206. Which operating system do you select to use for a Palo Alto Networks firewall running in
Microsoft Azure?
A. Windows
B. BSD
C. Linux
D. UNIX
A

C. Linux

33
Q
  1. What option lists the four component directories of a Palo Alto Networks bootstrap
    container?
    A. software, config, license, and content
    B. software, config, lic, and content
    C. software, configuration, license, and content
    D. software, configuration, lic, and content
A

A. software, config, license, and content

34
Q
208. Which environment supports a USB drive for the firewall bootstrap?
A. VMware ESXi
B. physical firewall
C. Microsoft Hyper-V
D. KVM
A

B. physical firewall