____________________________________________________________________________

Question 1 of 28.

The VM-Series supports which four of the following virtualized environments? (Choose four.)
Linux VServer

Citrix XenServer

VMware ESXi

AWS

Azure

VMware NSX

Mark for follow up

Question 2 of 28.

Which two PAN-OS tabs would an administrator use to identify compromised users after a spike in
dangerous traffic is observed? (Choose two.)
Device

Objects

Policies

Network

Monitor

ACC

Question 3 of 28.
WildFire now supports which major family of threat cloud virtual operating systems?

Windows XP, Windows Vista, Windows 7, and Windows 8

Windows XP, Windows 7, Android, and iOS

Windows XP, Windows Vista, and Windows 7

Windows, Linux, and Android

Mark for follow up

Question 4 of 28.

Which three features would prevent a successful attempt during the exfiltration stage of the attack
chain? (Choose three.)
URL filtering

GlobalProtect

File blocking

WildFire

DNS monitoring and sinkholing

Mark for follow up

Question 5 of 28.

True or false: PAN-DB is a service that aligns URLs with category types defined by Palo Alto
Networks. Websites are classified through various means, including data provided by the Threat
Intelligence Cloud.
True False

Mark for follow up

Question 6 of 28.

What does App-ID inspect to identify an application?

Source port

Hash

Encryption key

TTL

Data payload

Source IP
 Mark for follow up

Question 7 of 28.

Which two critical features of an NGFW (next-generation firewall) provide breach prevention?
(Choose two.)
Alarm generation of known threats traversing the device

Centralized or distributed Log Collectors

Application visibility and URL categorization

Processing all traffic across all ports and protocols, in both directions

Endpoint and server scanning for known malware

Mark for follow up

Question 8 of 28.

Which hardware firewall platforms include both built-in front-to-back airflow and redundant power
supplies?

PA-7000 Series

PA-800 Series

PA-5200 Series

All Palo Alto Networks hardware

Mark for follow up

What are the four failure areas of legacy security architectures? (Choose four.)
Require headcount

Limited visibility

Limited places in the network

Lack correlation

ROI

Manual response

Mark for follow up

Question 10 of 28.

True or false: Antivirus inspection is proxy-based.

What is the URL for the full list of applications recognized by Palo Alto Networks?

https://applipedia.paloaltonetworks.com

https://www.MyApplipedia.com

https://applications.paloaltonetworks.com

https://www.Applipedia.com

Mark for follow up

Question 12 of 28.

True or false: Many customers purchase the Palo Alto Networks platform to gain previously
unavailable levels of visibility into their applications, data, and network traffic.
True False

Mark for follow up

Question 13 of 28.

True or false: An employee takes a corporate laptop, with Traps installed, on a weekend camping
trip. The employee's spouse has brought a USB stick with music to listen to. The USB stick
contains music files that have been weaponized. The laptop has no network connectivity when the
weaponized files are launched and therefore the system is vulnerable to being exploited and
compromised.
True False

Mark for follow up

Question 14 of 28.

If malware is detected on the internet perimeter, which other place in the network might be
affected?

Data center

Branch offices

Endpoints

Cloud

All of the above

Which three options describe the key components of a successful Platform Demo? (Choose three.)
Showing how Palo Alto Networks firewalls provide visibility into applications and control of those
applications

Providing visibility into recently occurring threats and showing how to block those threats
Showing which users are running which applications and providing a method for controlling
application access by user

After match criteria are set in the Object tab, showing how that data is presented in the logs

Presenting the information in the Network and Device tabs

Mark for follow up

Question 16 of 28.

What are the three main benefits of WildFire? (Choose three.)

It gathers information from possible threats detected by NGFWs, endpoints, and Aperture.
Signatures for identified malware are quickly distributed globally to all Palo Alto Networks
customers' firewalls.
By collecting and distributing malware signatures from every major antivirus vendor, it can provide
comprehensive protection.
Because a Palo Alto Networks proprietary cloud-based architecture is used, quarantine holds on
suspicious files typically are reduced to fewer than 30 seconds.

Mark for follow up

Question 17 of 28.

What are the five critical places in the network where Palo Alto Networks NGFWs (next-generation
firewalls) and other products are commonly deployed to solve many of today's enterprise security
problems? (Choose five.)
Video game console

Wi-Fi access point

Internet perimeter

Branch office

Mobile/endpoint device

Vehicle-mounted hotspot

Virtual machine

Data center perimeter

Redundancy

Number of applications

Decryption

Number of policy rules

Performance

Sessions

Mark for follow up

Question 19 of 28.

Which three platform components does WildFire automatically update after finding malicious
activity in previously unknown files, URLs, and APKs? (Choose three.)
Anti-malware signatures (WildFire)

Management (Panorama)

Content/web filtering (PAN-DB)

Decrypt (Port-Mirroring)

Mobile (GlobalProtect)

Anti-command-and-control signatures (DNS)

Mark for follow up

Question 20 of 28.

True or false: One advantage of Single-Pass Parallel Processing (SP3) is that traffic can be
scanned as it crosses the firewall with a minimum amount of buffering, which in turn can allow
advanced features such as virus/malware scanning without affecting firewall performance.
True False

Mark for follow up

Question 21 of 28.

Which three subscriptions for the NGFW (next-generation firewall) are valid? (Choose three.)
Support

App-ID
 Threat Prevention

SSL Decryption

User-ID

Content-ID

URL Filtering

Mark for follow up

Question 22 of 28.

Which three features are part of the Palo Alto Networks security platform? (Choose three.)
Security Certificate Authority

Threat Intelligence Cloud

Unified Threat Management

Advanced Endpoint Protection

Security Product Governance

Next-generation firewall

Mark for follow up

Question 23 of 28.

Which option lists the major families of file types supported by WildFire?

All executable files, PDF files, Microsoft Office files, and Adobe Flash applets

All executable files and all files with a MIME type

All executable files, PDF files, and Microsoft Office files

PE files, Microsoft Office, PDF, Java applets, APK, and Flash

Mark for follow up

Question 24 of 28.

What is the main role of GlobalProtect?

Categorizing URLs

Looking for malware on the endpoint

Sandboxing files on the Threat Intelligence Cloud

Extending protections and policies to endpoints

Question 25 of 28.

What are five benefits of Palo Alto Networks NGFWs (next-generation firewalls)? (Choose five.)
Comprehensive security platform designed to scale functionality over time

Convenient configuration wizard

Feature-specific modular hardware

Easy-to-use GUI that is the same on all models

Seamless integration with the Threat Intelligence Cloud

Identical security subscriptions on all models

Predictable throughput

Mark for follow up

Question 26 of 28.

How many stages in the attack chain must be stopped to prevent a successful breach?

Mark for follow up

Question 27 of 28.

What does the automated correlation engine analyze?

Profiles

Zones

Ports

Protocols

Rules

Exceptions

Logs
 Mark for follow up

Question 28 of 28.

How quickly are WildFire updates about previously unknown files being delivered from the cloud
to customers with a WildFire subscription?

60 minutes

5 minutes

15 minutes

30 minutes

1 day

Mark for follow up