Q1. Which of the following describes the sequence of the Global Protect agent connecting to a Gateway?
A. The Agent connects to the Portal obtains a list of Gateways, and connects to the Gateway with the fastest SSL response time
B. The agent connects to the closest Gateway and sends the HIP report to the portal
C. The agent connects to the portal, obtains a list of gateways, and connects to the gateway with the fastest PING response time
D. The agent connects to the portal and randomly establishes a connection to the first available gateway
Answer: A
Q2. The WildFire Cloud or WF-500 appliance provide information to which two Palo Alto Networks security services? Choose 2 answers
A. Threat Prevention
B. App-ID
C. URL Filtering
D. PAN-OS
E. GlobalProtect Data File
Answer: A,E
Explanation:
Reference: https://www.paloaltonetworks.com/products/technologies/wildfire.html
Q3. What is the default DNS Sinkhole address used by Palo Alto Networks Firewall to cut off communication?
A. MGT interface address
B. Loopback interface address
C. Any one Layer 3 interface address
D. Localhost address
Answer: B
Q4. In PANOS 6.0, rule numbers are:
A. Numbers that specify the order in which security policies are evaluated.
B. Numbers created to be unique identifiers in each firewall’s policy database.
C. Numbers on a scale of 0 to 99 that specify priorities when two or more rules are in conflict.
D. Numbers created to make it easier for users to discuss a complicated or difficult sequence of rules.
Answer: A
Q5. Taking into account only the information in the screenshot above, answer the following question. Which applications will be allowed on their standard ports? (Select all correct answers.)
A. BitTorrent
B. Gnutella
C. Skype
D. SSH
Answer: A,D
Q6. Which of the following objects cannot use User-ID as a match criteria?
A. Security Policies
B. QoS
C. Policy Based Forwarding
D. DoS Protection
E. None of the above
Answer: E
Q7. A firewall administrator is troubleshooting problems with traffic passing through the Palo Alto Networks firewall.
Which method will show the global counters associated with the traffic after configuring the appropriate packet filters?
A. From the CLI, issue the show counter interface command for the egress interface.
B. From the GUI, select "Show global counters" under the Monitor tab.
C. From the CLI, issue the show counter global filter packet-filter yes command.
D. From the CLI, issue the show counter interface command for the ingress interface.
Answer: C
Explanation:
Reference: https://live.paloaltonetworks.com/docs/DOC-7971
Q8. What is the maximum usable storage capacity of an M-100 appliance?
A. 2TB
B. 4TB
C. 6TB
D. STB
Answer: B
Explanation:
Reference: https://www.paloaltonetworks.com/documentation/61/panorama/panorama_adminguide/set -up-panorama/set-up-the-m-100-appliance.html
Q9. What happens at the point of Threat Prevention license expiration?
A. Threat Prevention no longer updated; existing database still effective
B. Threat Prevention is no longer used; applicable traffic is allowed
C. Threat Prevention no longer used; applicable traffic is blocked
D. Threat Prevention no longer used; traffic is allowed or blocked by configuration per Security Rule
Answer: A
Q10. What are the three Security Policy rule Type classifications supported in PAN-OS 6.1?
A. Security, NAT, Policy-Based Forwarding
B. Intrazone, Interzone, Global
C. Intrazone, Interzone, Universal
D. Application, User, Content
Answer: C
Explanation:
Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/framemaker/61/pan-os/NewFeaturesGuide.pdf page 18-19