Quiz 8 Flashcards

1
Q

When creating an application filter, which of the following is true?

Select one:

a. Excessive bandwidth may be used as a filter match criterion

b. They are called dynamic because they will automatically include new applications from an application signature update if the new application’s type is included in the filter

c. They are used by malware

d. They are called dynamic because they automatically adapt to new IP addresses

A

b. They are called dynamic because they will automatically include new applications from an application signature update if the new application’s type is included in the filter

2
Q

Select True or False. On the Next Generation firewall, application groups are always automatically updated when new applications are added to the App-ID database.

Select one:

a. False

b. True

A

a. False

3
Q

In a Next Generation firewall, how many packets does it take to identify the application in a TCP exchange?

Select one:

a. One

b. Two

c. Three

d. Four or five

A

Four or five

4
Q

What feature on the Next Generation firewall will set the security policy to allow the application on the standard ports associated with the application?

Select one:

a. Application-dependent

b. Application-implicit

c. Application-custom

d. Application-default

A

Application-default

5
Q

What feature on the Next Generation firewall can be used to identify, in real time, the applications taking up the most bandwidth?

Select one:

a. Application Command Center (ACC)

b. Quality of Service Log

c. Quality of Service Statistics

d. Applications Report

A

a. Application Command Center (ACC)

6
Q

What are the three pre-defined tabs in the Next Generation firewall Application Command Center (ACC)?

Choose the 3 correct choices.

If you choose an incorrect choice your question score will be deducted.

Select one or more:

a. Network Traffic

b. Blocked Activity

c. Application Traffic

d. Threat Activity

A

Network Traffic

Blocked Activity

Threat Activity

7
Q

How would App-ID label TCP traffic when the three-way handshake completes, but not enough data is sent to identify an application?

Select one:

a. unknown-tcp

b. insufficient-data

c. incomplete

d. not-applicable

A

insufficient-data

8
Q

When an Applications and Threats content update is performed, which is the earliest point where you can review the impact of new application signatures on existing policies?

Select one:

a. after install

b. after download

c. after clicking Check Now

d. after commit

A

after download

9
Q

Which three methods does App-ID use to identify network traffic?

Choose the 3 correct choices.

If you choose an incorrect choice your question score will be deducted.

Select one or more:

a. signatures

b. URL category

c. heuristics

d. application filter match

e. protocol decoders

A

signatures

heuristics

protocol decoders

10
Q

True or false? When migration is done from the firewall of another vendor to a Palo Alto Networks firewall, a best practice is to always migrate the existing Security policy.

Select one:
True
False

A

True

11
Q

True or false? If App-ID cannot identify the traffic, Content-ID cannot inspect the traffic for malware.

Select one:
True
False

A

True
