ESD Module Quizzes


True or false? When a malicious file or link is detected in an email, WildFire can update antivirus signatures in the PAN-DB database.

False

True or false? The User-ID feature identifies the user and IP address of the computer the user is logged into for Next Generation firewall policy enforcement.

True

True or False. If a file type is matched in the File Blocking Profile and WildFire Analysis Profile, and if the File Blocking Profile action is set to "block," then the file is not forwarded to WildFire.

True

True or False? A URL Filtering license is not required to define and use custom URL categories.

True

According to best practices, which two URL filtering categories should be blocked in most URL filtering profiles? a. new-registered-domain b. medium-risk c. adult d. high-risk

a and d

A "continue" action can be configured on the following security profiles in the Next Generation firewall: a. URL Filtering and File Blocking b. URL Filtering, File Blocking, and Data Filtering c. URL Filtering d. URL Filtering and Antivirus

a. URL Filtering and File Blocking

Which item is not a valid choice when the Source User field is configured in a Security policy rule? Select one: a. all b. any c. unknown d. known-user

a. all

Which statement is true regarding User-ID and Security policy rules? a. The Source User field can match only users, not groups. b. The Source IP and Source User fields cannot be used in the same policy. c. Users can be used in policy rules only if they are known by the firewall d. If the user associated with an IP address cannot be determined, all traffic from that address will be dropped.

a. users can be used in policy rules only if they are known by the firewall

Which User-ID component and mapping method is recommended for web clients that do not use the domain server? a. Terminal Services agent b. GlobalProtect c. Captive Portal d. XML API

b. Captive Portal

Which two statements are true regarding User-ID and firewall configuration? a. The USER-ID agent must be installed on the domain controller b. Communication between the firewall and USER-ID agent is sent over an encrypted SSL connection c. The firewall needs to have information for every USER-ID agent for which it will connect d. NETBIOS is the only client-probing method supported by the USER-ID agent

b. Communication between the firewall and USER-ID agent is sent over an encrypted SSL connection c. The firewall needs to have information for every USER-ID agent for which it will connect

Which Next Generation Firewall URL filter setting is used to prevent users who use the Google, Yahoo, Bing, Yandex, or YouTube search engines from viewing search results unless their browser is configured with the strict safe search option? a. HTTP Header Logging b. Safe Search Environment c. Log Container Page d. User Credential Detection

b. Safe Search Environment

Which URL filtering security profile action logs the category to the URL filtering log? a. allow b. alert c. log d. default

b. alert

Assume you have a WildFire subscription. Which file state or condition would trigger a WildFire file analysis? a. file already has WildFire hash b. file located in a JAR or RAR archive c. executable file signed by trusted signer d. file size limit exceeded

b. file located in a JAR or RAR archive

Which Palo Alto Networks Next Generation Firewall URL Category Action sends a response page to the user's browser that prompts the user for the administrator-defined override password, and logs the action to the URL Filtering log? a. block b. override c. alert d. continue

b. override

Which URL Filtering Profile action will result in a user being interactively prompted for a password? a. continue b. override c. allow d. alert

b. override

Which is the correct URL matching order on a Palo Alto Networks Next Generation Firewall? a. Block, Allow, External Dynamic, Custom URL, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud b. Block, Allow, Custom URL, External Dynamic, PAN-DB Download, PAN-DB Cloud, PAN-DB Cache c. Block, Allow, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud d. Allow, Block, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud

c. Block, Allow, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud

Which file type can a firewall send to WildFire when the firewall does not have a WildFire subscription? a. JAR b. PDF c. PE d. APK

c. PE

Which CLI command is used to verify successful file uploads to WildFire? a. debug wildfire upload-threat show b. debug wildfire download-log show c. debug wildfire upload-log show d. debug wildfire upload-log

c. debug wildfire upload-log show

What is the recommended maximum default size of PE (executable) files forwarded from the Next Generation firewall to WildFire? a. always 2 megabytes b. configurable up to 2 megabytes c. up to 10 megabytes d. 16 megabytes

d. 16 megabytes

Without a WildFire licensed subscription, which of the following files can be submitted by the Next Generation Firewall to the hosted WildFire virtualized sandbox? a. PE and Java Applet only b. PDF files only c. MS Office doc/docx, xls/xlsx, and ppt/pptx files only d. PE files only

d. PE files only

In the latest Next Generation firewall version, what is the shortest time that can be configured on the firewall to check for WildFire updates? a. 5 minutes b. 30 minutes c. 1 Hour d. Real Time

d. Real Time

Which statement is not true regarding SafeSearch Enforcement? a. Safe search is a web browser setting b. Safe search is a best effort setting c. Safe search is a web server setting d. Safe search works only in conjunction with credential submission websites

d. Safe search works only in conjunction with credential submission websites

Which WildFire verdict might indicate obtrusive behavior but not a security threat? a. phishing b. benign c. malware d. grayware

d. grayware

