Scribd Logo
Upload

Welcome to Scribd!

  • Virtualized Environments and NGFW Benefits

    Uploaded by

    Jorge Alberto Solis Sanchez
    2K views23 pages
    PA

    Original Title

    Doc2

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    PA

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    2K views23 pages

    Virtualized Environments and NGFW Benefits

    Uploaded by

    Jorge Alberto Solis Sanchez
    PA

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 23

    ____________________________________________________________________________

    Question 1 of 28.

    The VM-Series supports which four of the following virtualized environments? (Choose four.)
    Linux VServer

    Citrix XenServer

    VMware ESXi

    AWS

    Azure

    VMware NSX

    Mark for follow up

    Question 2 of 28.

    Which two PAN-OS tabs would an administrator use to identify compromised users after a spike in
    dangerous traffic is observed? (Choose two.)
    Device

    Objects

    Policies

    Network

    Monitor

    ACC

    Question 3 of 28.
    WildFire now supports which major family of threat cloud virtual operating systems?

    Windows XP, Windows Vista, Windows 7, and Windows 8

    Windows XP, Windows 7, Android, and iOS

    Windows XP, Windows Vista, and Windows 7

    Windows, Linux, and Android

    Mark for follow up

    Question 4 of 28.

    Which three features would prevent a successful attempt during the exfiltration stage of the attack
    chain? (Choose three.)
    URL filtering

    GlobalProtect

    File blocking

    WildFire

    DNS monitoring and sinkholing

    Mark for follow up

    Question 5 of 28.

    True or false: PAN-DB is a service that aligns URLs with category types defined by Palo Alto
    Networks. Websites are classified through various means, including data provided by the Threat
    Intelligence Cloud.
    True False

    Mark for follow up

    Question 6 of 28.

    What does App-ID inspect to identify an application?

    Source port

    Hash

    Encryption key

    TTL

    Data payload

    Source IP
    Mark for follow up

    Question 7 of 28.

    Which two critical features of an NGFW (next-generation firewall) provide breach prevention?
    (Choose two.)
    Alarm generation of known threats traversing the device

    Centralized or distributed Log Collectors

    Application visibility and URL categorization

    Processing all traffic across all ports and protocols, in both directions

    Endpoint and server scanning for known malware

    Mark for follow up

    Question 8 of 28.

    Which hardware firewall platforms include both built-in front-to-back airflow and redundant power
    supplies?

    PA-7000 Series

    PA-800 Series

    PA-5200 Series

    All Palo Alto Networks hardware

    Mark for follow up


    Question 9 of 28.

    What are the four failure areas of legacy security architectures? (Choose four.)
    Require headcount

    Limited visibility

    Limited places in the network

    Lack correlation

    ROI

    Manual response

    Mark for follow up

    Question 10 of 28.

    True or false: Antivirus inspection is proxy-based.


    True False
    Mark for follow up
    Question 11 of 28.

    What is the URL for the full list of applications recognized by Palo Alto Networks?

    https://applipedia.paloaltonetworks.com

    https://www.MyApplipedia.com

    https://applications.paloaltonetworks.com

    https://www.Applipedia.com

    Mark for follow up

    Question 12 of 28.

    True or false: Many customers purchase the Palo Alto Networks platform to gain previously
    unavailable levels of visibility into their applications, data, and network traffic.
    True False

    Mark for follow up

    Question 13 of 28.

    True or false: An employee takes a corporate laptop, with Traps installed, on a weekend camping
    trip. The employee's spouse has brought a USB stick with music to listen to. The USB stick
    contains music files that have been weaponized. The laptop has no network connectivity when the
    weaponized files are launched and therefore the system is vulnerable to being exploited and
    compromised.
    True False

    Mark for follow up

    Question 14 of 28.

    If malware is detected on the internet perimeter, which other place in the network might be
    affected?

    Data center

    Branch offices

    Endpoints

    Cloud

    All of the above


    Mark for follow up
    Question 15 of 28.

    Which three options describe the key components of a successful Platform Demo? (Choose three.)
    Showing how Palo Alto Networks firewalls provide visibility into applications and control of those
    applications

    Providing visibility into recently occurring threats and showing how to block those threats
    Showing which users are running which applications and providing a method for controlling
    application access by user

    After match criteria are set in the Object tab, showing how that data is presented in the logs

    Presenting the information in the Network and Device tabs

    Mark for follow up

    Question 16 of 28.

    What are the three main benefits of WildFire? (Choose three.)


    It uses a sandboxing environment that can detect malware by analyzing the behavior of unknown
    files.

    It gathers information from possible threats detected by NGFWs, endpoints, and Aperture.
    Signatures for identified malware are quickly distributed globally to all Palo Alto Networks
    customers' firewalls.
    By collecting and distributing malware signatures from every major antivirus vendor, it can provide
    comprehensive protection.
    Because a Palo Alto Networks proprietary cloud-based architecture is used, quarantine holds on
    suspicious files typically are reduced to fewer than 30 seconds.

    Mark for follow up

    Question 17 of 28.

    What are the five critical places in the network where Palo Alto Networks NGFWs (next-generation
    firewalls) and other products are commonly deployed to solve many of today's enterprise security
    problems? (Choose five.)
    Video game console

    Wi-Fi access point

    Internet perimeter

    Branch office

    Mobile/endpoint device

    Vehicle-mounted hotspot

    Virtual machine

    Data center perimeter


    Mark for follow up
    Which option is not a factor impacting sizing decisions?

    Redundancy

    Number of applications

    Decryption

    Number of policy rules

    Performance

    Sessions

    Mark for follow up

    Question 19 of 28.

    Which three platform components does WildFire automatically update after finding malicious
    activity in previously unknown files, URLs, and APKs? (Choose three.)
    Anti-malware signatures (WildFire)

    Management (Panorama)

    Content/web filtering (PAN-DB)

    Decrypt (Port-Mirroring)

    Mobile (GlobalProtect)

    Anti-command-and-control signatures (DNS)

    Mark for follow up

    Question 20 of 28.

    True or false: One advantage of Single-Pass Parallel Processing (SP3) is that traffic can be
    scanned as it crosses the firewall with a minimum amount of buffering, which in turn can allow
    advanced features such as virus/malware scanning without affecting firewall performance.
    True False

    Mark for follow up

    Question 21 of 28.

    Which three subscriptions for the NGFW (next-generation firewall) are valid? (Choose three.)
    Support

    App-ID
    Threat Prevention

    SSL Decryption

    User-ID

    Content-ID

    URL Filtering

    Mark for follow up

    Question 22 of 28.

    Which three features are part of the Palo Alto Networks security platform? (Choose three.)
    Security Certificate Authority

    Threat Intelligence Cloud

    Unified Threat Management

    Advanced Endpoint Protection

    Security Product Governance

    Next-generation firewall

    Mark for follow up

    Question 23 of 28.

    Which option lists the major families of file types supported by WildFire?

    All executable files, PDF files, Microsoft Office files, and Adobe Flash applets

    All executable files and all files with a MIME type

    All executable files, PDF files, and Microsoft Office files

    PE files, Microsoft Office, PDF, Java applets, APK, and Flash

    Mark for follow up

    Question 24 of 28.

    What is the main role of GlobalProtect?

    Categorizing URLs

    Looking for malware on the endpoint

    Sandboxing files on the Threat Intelligence Cloud

    Extending protections and policies to endpoints


    Mark for follow up

    Question 25 of 28.

    What are five benefits of Palo Alto Networks NGFWs (next-generation firewalls)? (Choose five.)
    Comprehensive security platform designed to scale functionality over time

    Convenient configuration wizard

    Feature-specific modular hardware

    Easy-to-use GUI that is the same on all models

    Seamless integration with the Threat Intelligence Cloud

    Identical security subscriptions on all models

    Predictable throughput

    Mark for follow up

    Question 26 of 28.

    How many stages in the attack chain must be stopped to prevent a successful breach?

    Mark for follow up

    Question 27 of 28.

    What does the automated correlation engine analyze?

    Profiles

    Zones

    Ports

    Protocols

    Rules

    Exceptions

    Logs
    Mark for follow up

    Question 28 of 28.

    How quickly are WildFire updates about previously unknown files being delivered from the cloud
    to customers with a WildFire subscription?

    60 minutes

    5 minutes

    15 minutes

    30 minutes

    1 day

    Mark for follow up

    You might also like