q_51-75 Flashcards

1
Q

Question #51 Topic 1
An administrator has users accessing network resources through Citrix XenApp 7.x.
Which User-ID mapping solution will map multiple users who are using Citrix to connect to the network and access resources?
A. Client Probing
B. Terminal Services agent
C. GlobalProtect
D. Syslog Monitoring

A

B. Terminal Services agent

2
Q

Question #52 Topic 1
An administrator needs to upgrade a Palo Alto Networks NGFW to the most current version of PAN-OS® software. The firewall has internet connectivity through an Ethernet interface, but no internet connectivity from the management interface. The Security policy has the default security rules and a rule that allows all web-browsing traffic from any to any zone. What must the administrator configure so that the PAN-OS® software can be upgraded?
A. Security policy rule
B. CRL
C. Service route
D. Scheduler

A

C. Service route

3
Q

Question #53 Topic 1
Which feature prevents the submission of corporate login information into website forms?
A. Data filtering
B. User-ID
C. File blocking
D. Credential phishing prevention

A

D. Credential phishing prevention

4
Q

Question #54 Topic 1
Which option is part of the content inspection process?
A. Packet forwarding process
B. SSL Proxy re-encrypt
C. IPsec tunnel encryption
D. Packet egress process

A

B. SSL Proxy re-encrypt

5
Q

Question #55 Topic 1
In a virtual router, which object contains all potential routes?
A. MIB
B. RIB
C. SIP
D. FIB

A

B. RIB

6
Q

Question #56 Topic 1
An administrator creates an SSL decryption rule decrypting traffic on all ports. The administrator also creates a Security policy rule allowing only the applications DNS, SSL, and web-browsing.
The administrator generates three encrypted BitTorrent connections and checks the Traffic logs. There are three entries. The first entry shows traffic dropped as application Unknown. The next two entries show traffic allowed as application SSL. Which action will stop the second and subsequent encrypted BitTorrent connections from being allowed as SSL?
A. Create a decryption rule matching the encrypted BitTorrent traffic with action No-Decrypt, and place the rule at the top of the Decryption policy.
B. Create a Security policy rule that matches application encrypted BitTorrent and place the rule at the top of the Security policy.
C. Disable the exclude cache option for the firewall.
D. Create a Decryption Profile to block traffic using unsupported cyphers, and attach the profile to the decryption rule.

A

D. Create a Decryption Profile to block traffic using unsupported cyphers, and attach the profile to the decryption rule.

D is Correct
There is no application called “encrypted BitTorrent” so “B” is out
“A” would not work either since you would still need to create a Decryption Profile which is not mentioned.
“D” is the most complete answer which is to create the Decryption Profile and attach it to the Decryption rule.

7
Q

Question #57 Topic 1
Refer to the exhibit.
Which certificates can be used as a Forward Trust certificate?
A. Certificate from Default Trust Certificate Authorities
B. Domain Sub-CA
C. Forward-Trust
D. Domain-Root-Cert

A

B. Domain Sub-CA

8
Q

Question #58 Topic 1
Which option would an administrator choose to define the certificate and protocol that Panorama and its managed devices use for SSL/TLS services?
A. Configure a Decryption Profile and select SSL/TLS services.
B. Set up SSL/TLS under Policies > Service/URL Category > Service.
C. Set up Security policy rule to allow SSL communication.
D. Configure an SSL/TLS Profile.

A

D. Configure an SSL/TLS Profile.

9
Q

Question #59 Topic 1
Which menu item enables a firewall administrator to see details about traffic that is currently active through the NGFW?
A. ACC
B. System Logs
C. App Scope
D. Session Browser

A

D. Session Browser

10
Q

Question #60 Topic 1
Which protection feature is available only in a Zone Protection Profile?
A. SYN Flood Protection using SYN Flood Cookies
B. ICMP Flood Protection
C. Port Scan Protection
D. UDP Flood Protections

A

C. Port Scan Protection

11
Q

Question #61 Topic 1
Which CLI command can be used to export the tcpdump capture?
A. scp export tcpdump from mgmt.pcap to <username@host:path>
B. scp extract mgmt-pcap from mgmt.pcap to <username@host:path>
C. scp export mgmt-pcap from mgmt.pcap to <username@host:path>
D. download mgmt-pcap

A

C. scp export mgmt-pcap from mgmt.pcap to <username@host:path>

12
Q

Question #62 Topic 1
An administrator has configured the Palo Alto Networks NGFW’s management interface to connect to the internet through a dedicated path that does not traverse back through the NGFW itself.
Which configuration setting or step will allow the firewall to get automatic application signature updates?
A. A scheduler will need to be configured for application signatures.
B. A Security policy rule will need to be configured to allow the update requests from the firewall to the update servers.
C. A Threat Prevention license will need to be installed.
D. A service route will need to be configured.

A

A. A scheduler will need to be configured for application signatures.

attention to detail
It clearly says the Mgmt interface has internet access, not through the firewall

13
Q

Question #63 Topic 1
Which three options are supported in HA Lite? (Choose three.)
A. Virtual link
B. Active/passive deployment
C. Synchronization of IPsec security associations
D. Configuration synchronization
E. Session synchronization

A

B. Active/passive deployment
C. Synchronization of IPsec security associations
D. Configuration synchronization

14
Q

Question #64 Topic 1
Which CLI command enables an administrator to view details about the firewall including uptime, PAN-OS® version, and serial number?
A. debug system details
B. show session info
C. show system info
D. show system details

A

C. show system info

15
Q

Question #65 Topic 1
During the packet flow process, which two processes are performed in application identification? (Choose two.)
A. Pattern based application identification
B. Application override policy match
C. Application changed from content inspection
D. Session application identified

A

!!READ CLOSER!!!
A. Pattern based application identification
B. Application override policy match

16
Q

Question #66 Topic 1
Which tool provides an administrator the ability to see trends in traffic over periods of time, such as threats detected in the last 30 days?
A. Session Browser
B. Application Command Center
C. TCP Dump
D. Packet Capture

A

B. Application Command Center

17
Q

Question #67 Topic 1
The certificate information displayed in the following image is for which type of certificate?
(only CA box is checked)
A. Forward Trust certificate
B. Self-Signed Root CA certificate
C. Web Server certificate
D. Public CA signed certificate

A

B. Self-Signed Root CA certificate

crappy graphic questions…

18
Q

Question #68 Topic 1
Which three steps will reduce the CPU utilization on the management plane? (Choose three.)
A. Disable SNMP on the management interface.
B. Application override of SSL application.
C. Disable logging at session start in Security policies.
D. Disable predefined reports.
E. Reduce the traffic being decrypted by the firewall.

A

A. Disable SNMP on the management interface.

C. Disable logging at session start in Security policies.
D. Disable predefined reports.

19
Q

Question #69 Topic 1
Which feature must you configure to prevent users from accidentally submitting their corporate credentials to a phishing website?
A. URL Filtering profile
B. Zone Protection profile
C. Anti-Spyware profile
D. Vulnerability Protection profile

A

A. URL Filtering profile

20
Q

Question #70 Topic 1
How can a candidate or running configuration be copied to a host external from Panorama?
A. Commit a running configuration.
B. Save a configuration snapshot.
C. Save a candidate configuration.
D. Export a named configuration snapshot.

A

D. Export a named configuration snapshot.

21
Q

Question #71 Topic 1
If an administrator does not possess a website’s certificate, which SSL decryption mode will allow the Palo Alto Networks NGFW to inspect traffic when users browse to HTTP(S) websites?
A. SSL Forward Proxy
B. SSL Inbound Inspection
C. SSL Reverse Proxy
D. SSL Outbound Inspection

A

A. SSL Forward Proxy

Vs. SSL Inbound Inspection where you have the Website cert.

22
Q

Question #72 Topic 1
An administrator sees several inbound sessions identified as unknown-tcp in the Traffic logs. The administrator determines that these sessions are from external users accessing the company’s proprietary accounting application. The administrator wants to reliably identify this traffic as their accounting application and to scan this traffic for threats. Which option would achieve this result?
A. Create a custom App-ID and enable scanning on the advanced tab.
B. Create an Application Override policy.
C. Create a custom App-ID and use the “ordered conditions” check box.
D. Create an Application Override policy and a custom threat signature for the application.

A

A. Create a custom App-ID and enable scanning on the advanced tab.

23
Q

Question #73 Topic 1
The administrator has enabled BGP on a virtual router on the Palo Alto Networks NGFW, but new routes do not seem to be populating the virtual router. Which two options would help the administrator troubleshoot this issue? (Choose two.)

A. View the System logs and look for the error messages about BGP.
B. Perform a traffic pcap on the NGFW to see any BGP problems.
C. View the Runtime Stats and look for problems with BGP configuration.
D. View the ACC tab to isolate routing issues.

A

B. Perform a traffic pcap on the NGFW to see any BGP problems.
C. View the Runtime Stats and look for problems with BGP configuration.

24
Q

Question #74 Topic 1
An administrator has enabled OSPF on a virtual router on the NGFW. OSPF is not adding new routes to the virtual router.
Which two options enable the administrator to troubleshoot this issue? (Choose two.)
A. View Runtime Stats in the virtual router.
B. View System logs.
C. Add a redistribution profile to forward as BGP updates.
D. Perform a traffic pcap at the routing stage.

A

A. View Runtime Stats in the virtual router.
B. View System logs.

25
Q

Question #75 Topic 1
Which three firewall states are valid? (Choose three.)
A. Active
B. Functional
C. Pending
D. Passive
E. Suspended

A

A. Active

D. Passive
E. Suspended