Question 1 of 28.

Which two PAN-OS tabs would an administrator use to identify compromised users after a
spike in dangerous traffic is observed? (Choose two.)
ACC
Network
Monitor
Policies
Objects
Device

Mark for follow up

Question 2 of 28.

How quickly are WildFire updates about previously unknown files being delivered from the
cloud to customers with a WildFire subscription?

5 minutes
1 day
15 minutes

60 minutes

30 minutes

Mark for follow up

Question 3 of 28.

True or false: One advantage of Single-Pass Parallel Processing (SP3) is that traffic can be
scanned as it crosses the firewall with a minimum amount of buffering, which in turn can
allow advanced features such as virus/malware scanning without affecting firewall
performance.
True False

Mark for follow up

Question 4 of 28.

True or false: PAN-DB is a service that aligns URLs with category types defined by Palo
Alto Networks. Websites are classified through various means, including data provided by
the Threat Intelligence Cloud.
True False

Mark for follow up

Question 5 of 28.

True or false: Many customers purchase the Palo Alto Networks platform to gain previously
unavailable levels of visibility into their applications, data, and network traffic.
True False

Mark for follow up

Question 6 of 28.

What are the three main benefits of WildFire? (Choose three.)

It gathers information from possible threats detected by NGFWs, endpoints, and
Aperture.
Because a Palo Alto Networks proprietary cloud-based architecture is used, quarantine
holds on suspicious files typically are reduced to fewer than 30 seconds.
Signatures for identified malware are quickly distributed globally to all Palo Alto
Networks customers' firewalls.
It uses a sandboxing environment that can detect malware by analyzing the behavior of
unknown files.
By collecting and distributing malware signatures from every major antivirus vendor, it
can provide comprehensive protection.

Mark for follow up

Question 7 of 28.

Which three subscriptions for the NGFW (next-generation firewall) are valid? (Choose
three.)
 SSL Decryption
Support
App-ID
User-ID
URL Filtering
Threat Prevention
Content-ID

Mark for follow up

Question 8 of 28.

True or false: Antivirus inspection is proxy-based.

True False

Mark for follow up

Question 9 of 28.

Which option is not a factor impacting sizing decisions?

Number of applications

Performance
Decryption
Redundancy
Sessions
Number of policy rules

Mark for follow up

Question 10 of 28.

How many stages in the attack chain must be stopped to prevent a successful breach?
 5

Mark for follow up

Question 11 of 28.

Which three features would prevent a successful attempt during the exfiltration stage of the
attack chain? (Choose three.)
WildFire
GlobalProtect
DNS monitoring and sinkholing
File blocking
URL filtering

Mark for follow up

Question 12 of 28.

Which three features are part of the Palo Alto Networks security platform? (Choose three.)
Threat Intelligence Cloud
Security Product Governance
Unified Threat Management
Security Certificate Authority
Next-generation firewall
Advanced Endpoint Protection

Mark for follow up

Question 13 of 28.

What is the URL for the full list of applications recognized by Palo Alto Networks?

https://applications.paloaltonetworks.com

https://applipedia.paloaltonetworks.com
https://www.MyApplipedia.com
https://www.Applipedia.com

Mark for follow up

Question 14 of 28.

Which hardware firewall platforms include both built-in front-to-back airflow and redundant
power supplies?

PA-5200 Series
All Palo Alto Networks hardware

PA-800 Series
PA-7000 Series

Mark for follow up

Question 15 of 28.

What are five benefits of Palo Alto Networks NGFWs (next-generation firewalls)? (Choose
five.)
Feature-specific modular hardware
Predictable throughput
Easy-to-use GUI that is the same on all models
Convenient configuration wizard
Identical security subscriptions on all models
Comprehensive security platform designed to scale functionality over time
Seamless integration with the Threat Intelligence Cloud
 Mark for follow up

Question 16 of 28.

True or false: An employee takes a corporate laptop, with Traps installed, on a weekend
camping trip. The employee's spouse has brought a USB stick with music to listen to. The
USB stick contains music files that have been weaponized. The laptop has no network
connectivity when the weaponized files are launched and therefore the system is vulnerable
to being exploited and compromised.
True False

Mark for follow up

Question 17 of 28.

What are the five critical places in the network where Palo Alto Networks NGFWs (next-
generation firewalls) and other products are commonly deployed to solve many of today's
enterprise security problems? (Choose five.)
Vehicle-mounted hotspot
Internet perimeter
Data center perimeter
Video game console
Mobile/endpoint device
Branch office
Wi-Fi access point
Virtual machine

Mark for follow up

Question 18 of 28.

WildFire now supports which major family of threat cloud virtual operating systems?

Windows XP, Windows Vista, Windows 7, and Windows 8

Windows, Linux, and Android

 Windows XP, Windows Vista, and Windows 7
Windows XP, Windows 7, Android, and iOS

Mark for follow up

Question 19 of 28.

What are the four failure areas of legacy security architectures? (Choose four.)
Manual response
ROI
Limited visibility
Lack correlation
Limited places in the network
Require headcount

Mark for follow up

Question 20 of 28.

Which three options describe the key components of a successful Platform Demo? (Choose
three.)
Providing visibility into recently occurring threats and showing how to block those
threats
After match criteria are set in the Object tab, showing how that data is presented in the
logs
Showing how Palo Alto Networks firewalls provide visibility into applications and
control of those applications
Showing which users are running which applications and providing a method for
controlling application access by user
Presenting the information in the Network and Device tabs

Mark for follow up

Question 21 of 28.

The VM-Series supports which four of the following virtualized environments? (Choose
four.)
 AWS
Citrix XenServer
VMware ESXi
VMware NSX
Azure
Linux VServer

Mark for follow up

Question 22 of 28.

If malware is detected on the internet perimeter, which other place in the network might be
affected?

Data center
Branch offices
Endpoints
Cloud
All of the above

Mark for follow up

Question 23 of 28.

Which three platform components does WildFire automatically update after finding malicious
activity in previously unknown files, URLs, and APKs? (Choose three.)
Management (Panorama)
Anti-command-and-control signatures (DNS)
Anti-malware signatures (WildFire)
Mobile (GlobalProtect)
Decrypt (Port-Mirroring)
Content/web filtering (PAN-DB)
 Mark for follow up

Question 24 of 28.

Which option lists the major families of file types supported by WildFire?

All executable files and all files with a MIME type

All executable files, PDF files, and Microsoft Office files
All executable files, PDF files, Microsoft Office files, and Adobe Flash applets

PE files, Microsoft Office, PDF, Java applets, APK, and Flash

Mark for follow up

Question 25 of 28.

What does App-ID inspect to identify an application?

Data payload
Source port
TTL
Hash (false)
Encryption key
(false)
Source IP

Mark for follow up

Question 26 of 28.

What does the automated correlation engine analyze?

Exceptions

Logs
Profiles
 Ports
Zones
Protocols
Rules

Mark for follow up

Question 27 of 28.

What is the main role of GlobalProtect?

Looking for malware on the endpoint

Sandboxing files on the Threat Intelligence Cloud

Extending protections and policies to endpoints

Categorizing URLs

Mark for follow up

Question 28 of 28.

Which two critical features of an NGFW (next-generation firewall) provide breach

prevention? (Choose two.)
Alarm generation of known threats traversing the device
Endpoint and server scanning for known malware
Application visibility and URL categorization
Processing all traffic across all ports and protocols, in both directions
Centralized or distributed Log Collectors