Scribd Logo
Carica

Benvenuto in Scribd!

  • Exm Jav

    Caricato da

    Castillo
    308 visualizzazioni7 pagine

    Titolo originale

    Exm Jav.docx

    Copyright

    © © All Rights Reserved

    Formati disponibili

    DOCX, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    308 visualizzazioni7 pagine

    Exm Jav

    Caricato da

    Castillo

    Copyright:

    © All Rights Reserved
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 7

    Question 1 of 30.

    Which statement is true about a URL Filtering Profile continue password?


    There is a password per session.
    There is a password per website.
    There is a password per firewall administrator account.
    There is a single, per-firewall password.
    Mark for follow up

    Question 2 of 30.

    Which three MGT port configuration settings are needed to remotely access the web interface? (Choose
    three.)
    default gateway
    netmask
    hostname
    IP address
    DNS server
    Mark for follow up

    Question 3 of 30.

    Which two statements are true about sessions on the firewall? (Choose two.).-.--.-.-.-.-.-.-
    Return traffic is allowed.
    The only session information tracked in the session logs are the fivetuples.
    Sessions always are matched to a Security policy rule.
    Network packets always are matched to a session.
    Mark for follow up

    Question 4 of 30.

    Which three HTTP header insertion types are predefined? (Choose three.)
    YouTube
    Slack
    Google
    Dropbox
    WebEx
    Mark for follow up

    Question 5 of 30.

    What is the maximum number of WildFire appliances that can be grouped in to a WildFire appliance cluster?
    12
    20
    32
    24
    Mark for follow up
    Question 6 of 30.

    Which three subscription services are included as part of GlobalProtect cloud service? (Choose three.)
    Threat Prevention
    WildFire®
    Aperture
    URL Filtering
    Panorama
    Mark for follow up

    Question 7 of 30.

    GlobalProtect clientless VPN provides secure remote access to web applications that use which three
    technologies? (Choose three.)
    JavaScript
    Ruby
    HTML
    Python
    HTML5
    Mark for follow up

    Question 8 of 30.

    Which file must be downloaded from the firewall to create a Heatmap and Best Practices Assessment report?
    Tech Support File
    firewall config file
    stats dump file
    XML file
    Mark for follow up

    Question 9 of 30.

    Which three components can be sent to WildFire for analysis? (Choose three.)
    URL links found in email
    known files and URL links
    MGT interface traffic
    files traversing the firewall
    email attachments
    Mark for follow up

    Question 10 of 30.
    Which statement describes a function provided by an Interface Management Profile?
    It determines the NetFlow and LLDP interface management settings.
    It determines which firewall services are accessible from external devices.
    It determines which external services are accessible by the firewall.
    It determines which administrators can manage which interfaces.
    Mark for follow up

    Question 11 of 30.

    Which interface type is NOT assigned to a security zone?


    Layer 3
    Virtual Wire
    VLAN
    HA
    Mark for follow up

    Question 12 of 30.

    Which interface type does NOT require any configuration changes to adjacent network devices?.-.-.-
    Layer 3
    Virtual Wire
    Layer 2
    Tap
    Mark for follow up

    Question 13 of 30.

    What is the result of performing a firewall Commit operation?


    The loaded configuration becomes the candidate configuration.
    The candidate configuration becomes the running configuration.
    The candidate configuration becomes the saved configuration.
    The saved configuration becomes the loaded configuration.
    Mark for follow up

    Question 14 of 30.

    What are two benefits of attaching a Decryption Profile to a Decryption policy nodecrypt rule? (Choose two.)
    acceptable protocol checking
    untrusted certificate checking
    URL category match checking
    expired certificate checking
    Mark for follow up

    Question 15 of 30.
    Which two separate planes comprise the PANOS architecture? (Choose two.)
    signature processing plane
    routing plane
    dataplane
    HA plane
    control or management plane
    Mark for follow up

    Question 16 of 30.

    If there is an HA configuration mismatch between firewalls during peer negotiation, which state does the
    passive firewall enter?
    PASSIVE
    NON-FUNCTIONAL
    ACTIVE
    INITIAL
    Mark for follow up

    Question 17 of 30.

    The Threat log records events from which three Security profiles? (Choose three.)
    File Blocking
    Anti-Spyware
    URL Filtering
    Vulnerability Protection
    Antivirus
    Mark for follow up

    Question 18 of 30.

    The firewall acts as a proxy for which two types of traffic? (Choose two.)
    SSL outbound
    SSL Inbound Inspection
    non-SSL
    SSH
    Mark for follow up

    Question 19 of 30.

    SSL Inbound Inspection requires that the firewall be configured with which two components? (Choose two.)
    client's digital certificate
    server's digital certificate
    server's private key
    client's public key
    Mark for follow up
    Question 20 of 30.

    In an HA configuration, which three functions are associated with the HA1 Control Link? (Choose three.)
    management configuration
    synchronizing configuration
    synchronizing sessions
    exchanging hellos
    exchanging heartbeats
    Mark for follow up

    Question 21 of 30.

    In a Security Profile, which two actions does a firewall take when the profile’s action is configured as Reset
    Server? (Choose two.)
    For UDP sessions, the connection is dropped.
    For UDP sessions, the connection is reset.
    The traffic responder is reset.
    The client is reset.
    Mark for follow up

    Question 22 of 30.

    A Security policy rule in a destination NAT configuration should be written to match which type of address and
    zone?
    original pre-NAT source and destination addresses, but the post-NAT destination zone
    original pre-NAT source and destination addresses, and the pre-NAT destination zone
    post-NAT source and destination addresses, but the pre-NAT destination zone
    post-NAT source and destination addresses, and the post-NAT destination zone
    Mark for follow up

    Question 23 of 30.

    If a DNS Sinkhole is configured, any sinkhole actions that indicate a potentially infected host are recorded in
    which log type?
    Threat
    Data Filtering
    Traffic
    WildFire Submissions
    Mark for follow up

    Question 24 of 30.
    Finding URLs matched to the not-resolved URL category in the URL Filtering log file might indicate that you
    should take which action?
    Validate your Security policy rules.
    Download the URL seed database again.
    Reboot the firewall.
    Validate connectivity to the PAN-DB cloud.
    Mark for follow up

    Question 25 of 30.

    Because a firewall examines every packet in a session, a firewall can detect application ________?
    errors
    filters
    shifts
    groups
    Mark for follow up

    Question 26 of 30.

    Application block pages can be enabled for which applications?


    web-based
    non-TCP/IP
    any
    MGT port-based
    Mark for follow up

    Question 27 of 30.

    App-ID running on a firewall identifies applications using which three methods? (Choose three.).-.-.-.-.-.-.-.-
    WildFire lookups
    program heuristics
    PAN-DB lookups
    known protocol decoders
    Application signatures
    Mark for follow up

    Question 28 of 30.

    An Interface Management Profile can be attached to which two interface types? (Choose two.)
    Layer 2
    Layer 3
    Tap
    Virtual Wire
    Loopback
    Mark for follow up
    Question 29 of 30.

    In an Antivirus Security Profile, WildFire Actions enable you to configure the firewall to perform which
    operation?
    download new antivirus signatures from WildFire
    upload traffic to WildFire when a virus is suspected
    delete packet data when a virus is suspected
    block traffic when a WildFire virus signature is detected
    Mark for follow up

    Question 30 of 30.

    A Security policy rule displayed in italic font indicates which condition?


    The rule is a clone.
    The rule is disabled.
    The rule is active.
    The rule has been overridden.
    Mark for follow up

    Potrebbero piacerti anche