NEW QUESTION 1
Which file is used to save the running configuration with a Palo Alto Networks firewall?

• A. running-config.xml
• B. run-config.xml
• C. running-configuration.xml
• D. run-configuratin.xml

Answer: A

NEW QUESTION 2
A company moved its old port-based firewall to a new Palo Alto Networks NGFW 60 days ago. Which utility should the company use to identify out-of-date or unused rules on the firewall?

• A. Rule Usage Filter > No App Specified
• B. Rule Usage Filter >Hit Count > Unused in 30 days
• C. Rule Usage Filter > Unused Apps
• D. Rule Usage Filter > Hit Count > Unused in 90 days

Answer: D

NEW QUESTION 3
The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

• A. Create an anti-spyware profile and enable DNS Sinkhole
• B. Create an antivirus profile and enable DNS Sinkhole
• C. Create a URL filtering profile and block the DNS Sinkhole category
• D. Create a security policy and enable DNS Sinkhole

Answer: A

NEW QUESTION 4
Which five Zero Trust concepts does a Palo Alto Networks firewall apply to achieve an integrated approach to prevent threats? (Choose five.)

• A. User identification
• B. Filtration protection
• C. Vulnerability protection
• D. Antivirus
• E. Application identification
• F. Anti-spyware

Answer: ACDEF

NEW QUESTION 5
Which statement is true regarding a Prevention Posture Assessment?

• A. The Security Policy Adoption Heatmap component filters the information by device groups, serial numbers, zones, areas of architecture, and other categories
• B. It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture
• C. It provides a percentage of adoption for each assessment area
• D. It performs over 200 security checks on Panorama/firewall for the assessment

Answer: B

NEW QUESTION 6
What are two differences between an implicit dependency and an explicit dependency in App- ID? (Choose two.)

• A. An implicit dependency does not require the dependent application to be added in the security policy
• B. An implicit dependency requires the dependent application to be added in the security policy
• C. An explicit dependency does not require the dependent application to be added in the security policy
• D. An explicit dependency requires the dependent application to be added in the security policy

Answer: AD

NEW QUESTION 7
Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?

• A. Root
• B. Dynamic
• C. Role-based
• D. Superuser

Answer: C

NEW QUESTION 8
Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate malicious code against a targeted machine.

• A. Exploitation
• B. Installation
• C. Reconnaissance
• D. Act on Objective

Answer: A

NEW QUESTION 9
Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP –to-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufactures.
Given the scenario, choose the option for sending IP-to-user mappings to the NGFW.

• A. syslog
• B. RADIUS
• C. UID redistribution
• D. XFF headers

Answer: A

NEW QUESTION 10
Which interface type is used to monitor traffic and cannot be used to perform traffic shaping?

• A. Layer 2
• B. Tap
• C. Layer 3
• D. Virtual Wire

Answer: B

NEW QUESTION 11
Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

• A. global
• B. intrazone
• C. interzone
• D. universal

Answer: D

NEW QUESTION 12
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?

• A. All traffic matching the SuperApp_chat, and SuperApp_download is denied because it no longer matches the SuperApp-base application
• B. No impact because the apps were automatically downloaded and installed
• C. No impact because the firewall automatically adds the rules to the App-ID interface
• D. All traffic matching the SuperApp_base, SuperApp_chat, and SuperApp_download is denied until the security administrator approves the applications

Answer: C

NEW QUESTION 13
Which license must an Administrator acquire prior to downloading Antivirus Updates for use with the firewall?

• A. Threat Prevention License
• B. Threat Implementation License
• C. Threat Environment License
• D. Threat Protection License

Answer: A

NEW QUESTION 14
How many zones can an interface be assigned with a Palo Alto Networks firewall?

• A. two
• B. three
• C. four
• D. one

Answer: BC

Explanation:
5. Which two configuration settings shown are not the default? (Choose two.)
A. Enable Security Log
B. Server Log Monitor Frequency (sec)
C. Enable Session
D. Enable Probing

NEW QUESTION 15
Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

• A. Active Directory monitoring
• B. Windows session monitoring
• C. Windows client probing
• D. domain controller monitoring

Answer: A

NEW QUESTION 16
Which two statements are correct about App-ID content updates? (Choose two.)

• A. Updated application content may change how security policy rules are enforced
• B. After an application content update, new applications must be manually classified prior to use
• C. Existing security policy rules are not affected by application content updates
• D. After an application content update, new applications are automatically identified and classified

Answer: CD

NEW QUESTION 17
......