Palo Alto quizzes

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Which attribute is associated with the dedicated out-of-band network management port in Palo Alto Networks firewalls?

Cannot be configured as a standard traffic port

When using config audit to compare configuration files on a Next Generation firewall, what does the yellow indication reveal?

Change

When making changes to configuration settings on the PAN-OS firewall, which of the following options lists the individual changes for which you are committing changes?

Change Summary

Which Palo Alto Networks Prisma technology provides continuous security monitoring, compliance validation, and cloud storage security capabilities across multi-cloud environments. In addition, you can simplify security operations through effective threat protections enhanced with comprehensive cloud context?

Cloud

When committing changes to a firewall, what is the result of clicking the Preview Changes link?

Compares the candidate configuration to the running configuration

Which action in a Security policy rule results in traffic being silently rejected?

Drop

Which of the following is NOT a PAN-OS Firewall Administrator Dynamic Role?

Local only administrator

Which object cannot be segmented using virtual systems on a firewall?

MGT interface

Which routing protocol is supported on a virtual router?

OSPF

Which series of firewall is a high-performance physical appliance solution?

PA

When creating a custom admin role, which type of privileges can not be defined?

Panorama

Which Strata product provides centralized firewall management and logging?

Panorama

From the reading "Four Ps of 5G Network Security": Which of the following is NOT one of the 'Four Ps'?

Protection

Which of the following is a routing protocol supported in a Next Generation firewall?

RIPv2

Which Next Generation FW configuration type has settings active on the firewall?

Running

Which type of firewall interface enables passive monitoring of network traffic?

Tap

In the web interface, what is signified when a text box is highlighted in red?

The value in the text box is required

Which of the following are NOT traffic attributes or criteria that can be defined in a Security policy rule?

Traffic that does not pass through the firewall data plane

True or false? Certificate-based authentication replaces all other forms of either local or external authentication.

True

Which type of Security policy rule is the default rule type?

Universal

Which Palo Alto Networks Next Generation VM Series Model requires a minimum of 16 GB of memory and 60 GB of dedicated disk drive capacity?

VM-500

Which type of interface will allow the firewall to be inserted into an existing topology without requiring any reallocation of network addresses or redesign on the network topology?

Virtual Wire

Which built-in administrator role allows all rights except for the creation of administrative accounts and virtual systems?

deviceadmin

Which built-in role on the Next Generation firewall is the same as superuser except for creation of administrative accounts?

deviceadmin

NGFW QoS policies can be configured to apply:

either preferential treatment or bandwidth-limiting traffic rules

A strength of the Palo Alto Networks firewall is:

its single-pass parallel processing (SP3) engine and software performs operations once per packet

On the Palo Alto Networks Next Generation Firewall, which is the default port for transporting Syslog traffic?

514

Select the answer that completes this sentence. DIPP source NAT will support a maximum of about ______________ concurrent sessions on each IP address configured within the NAT pool.

64,000

Which type of firewall license or subscription provides a graphical analysis of firewall traffic logs and identifies potential risks to your network by using threat intelligence from a portal?

AutoFocus

For guidance on continuing to deploy the security platform features to address your network security needs, review the PAN-OS Administrator's Guide section titled

Best Practices for Completing the Firewall Deployment

Select True or False. Logging on intrazone-default and interzone-default Security policy rules is enabled by default.

False

Select True or False. The running configuration consists of configuration changes in progress but not active on the firewall?

False

Which Palo Alto Networks product for securing the enterprise extends the enterprise perimeter to remote offices and mobile users?

GlobalProtect

Which NGFW security policy rule applies to all matching traffic within the specified source zones?

Intrazone

Which statement is true regarding the Palo Alto Networks Firewall candidate configuration?

It can be reverted to the current configuration.

Which series of Palo Alto Networks Next Generation Firewall offers two modes, Secure Mode, and Express Mode?

K2

Global user authentication is not supported by which authentication service?

LDAP

What type of interface allows the Next Generation firewall to provide switching between two or more networks?

Layer2

Which one of the following statements is true about NAT rules?

NAT rules provide address translation, while security policy rules allow or deny packets.

What are the three pre-defined tabs in the Next Generation firewall Application Command Center (ACC)?

Network Traffic, Threat Activity, Blocked Activity

What is the method used to create a Zero Trust policy that answers the 'who, what, when, where, why and how' definition?

Never Trust - Always Verify

When resetting the PAN-OS firewall to factory defaults, you can save all configuration settings and logs by performing the following:

None of the above

Which feature can be configured with an IPv6 address?

Static Route

When defining Security policy rules, why should you consider only the c2s flow direction, and define policy rules that allow or deny traffic from the source zone to the destination zone, that is, in the c2s direction?

The return s2c flow does not require a separate rule because the return traffic automatically is allowed

Traffic going to a public IP address is being translated by a Next Generation firewall to an internal server private IP address. Which IP address should the security policy use as the destination IP in order to allow traffic to the server?

The server public IP

Select True or False. All of the interfaces on a Next Generation firewall must be the same interface type.

True

Select True or False. By default, the firewall uses the management (MGT) interface to access external services, such as DNS servers, external authentication servers, Palo Alto Networks services such as software, URL updates, licenses and AutoFocus?

True

Select True or False. In a Next Generation firewall, every interface in use must be assigned to a zone in order to process traffic.

True

Select True or False. In addition to routing to other network devices, virtual routers on the Next Generation firewall can route to other virtual routers.

True

Select True or False. On the Next Generation firewall, a commit lock blocks other administrators from committing changes until all of the locks have been released.

True

Select True or False. Server Profiles define connections that the firewall can make to external servers.

True

Select True or False. Traffic protection from external locations where the egress point is the perimeter is commonly referred to as "North-South" traffic?

True

Select True or false. Service routes can be used to configure an in-band port to access external services?

True

Select True or false. The CN-Series firewalls deliver the same capabilities as the PA-Series and VM-Series firewalls?

True

Which command will reset a next generation firewall to its factory default settings if you know the admin account password?

request system private-data-reset

Which role-based privilege allows full access to the Palo Alto Networks firewall, including defining new administrator accounts and virtual systems?

superuser

The first important task of building a Zero Trust Architecture is to identify

the protect surface

A critical consideration when defining Network Segmentation is ____________.

understanding your business and organizational drivers

Select the answer that best completes this sentence. Source NAT commonly is used for _________ users to access the ________ internet.

private, public

In the Palo Alto Networks Application Command Center (ACC), which filter allows you to limit the display to the details you care about right now and to exclude the unrelated information from the current display?

Global

In the Palo Alto Networks Firewall WebUI, which type of report can be compiled into a single emailed PDF?

Group

Select True or False. A Layer 3 interface can be configured as dual stack with both IPv4 and IPv6 addresses.

True

The Gartner Magic Quadrant for Network Firewalls rates company's

Ability to Execute / Completeness of Vision

What feature on the Next Generation firewall can be used to identify, in real time, the applications taking up the most bandwidth?

Application Command Center (ACC)

When creating PAN-OS firewall administrator accounts, which configuration step is required for Non-Local Administrators, but not for Local Administrators?

Authentication Profile

Select True or False. Security policy rules on the Next Generation firewall specify a source and a destination interface.

False

Which Palo Alto Networks Cortex technology prevents malware, blocks exploits, and analyzes suspicious patterns through behavioral threat protection?

XDR

From the reading "Securing OT to enable Manufacturing Digital Transformation": The risk of operations managing security at the local level is the potential of having _______________ approaches to security.

centralized?


संबंधित स्टडी सेट्स

Audit 3, Section 12.2 - Inventory

View Set

Lesson 6 General Psychology Quiz

View Set

HRM300T - Week 5 Apply Assignment

View Set

ECON 2105 - Exam 2 Chapters 19-22, and Sample Quiz

View Set

Risk Management Framework (RMF) Steps 1-6 Process Overview

View Set

PSYC 205: Child Development Unit 1 EXAM 1 Practice

View Set

Hesi Final Study Questions: Med Surg II

View Set