Which three actions should be taken before deploying a firewall evaluation unit in the customer's environment? (Choose three.)

A prospective customer currently uses a firewall that provides only Layer 4 inspection and protections. The customer sees traffic going to an external destination, port 53, but cannot determine what Layer 7 application traffic is going over that port. Which capability of PAN-OS would address the customer's lack of visibility?

Which profile or policy should be applied to protect against port scans from the internet?

Which three mechanisms are valid for enabling user mapping? (Choose three.)

Which two actions should be taken prior to installing a decryption policy on an NGFW? (Choose two.)

A potential customer requires an NGFW solution that enables high-throughput, low-latency network security and also inspects the application. Which aspect of the Palo Alto Networks NGFW capabilities should be highlighted to help address these requirements?

Which is the smallest Panorama solution that can be used to manage up to 2500 Palo Alto Networks Next Generation firewalls?

Which PAN-OS feature helps prevent user credential theft?

What are two ways to manually add and remove members of dynamic user groups (DUGs)? (Choose two.)

What aspect of PAN-OS allows for the NGFW admin to create a policy that provides auto-remediation for anomalous user behavior and malicious activity while maintaining user visibility?

What filtering criteria is used to determine what users to include as members of a dynamic user group?

Which two methods will help avoid Split Brain when running HA in Active/Active mode? (Choose two.)

An Administrator needs a PDF summary report that contains information compiled from existing reports based on datafor the Top five(5) in each category. Which two timeframe options are available to send this report? (Choose two.)

Which two types of security chains are supported by the Decryption Broker? (Choose two.)

Which domain permission are required by the User-ID Agent for WMI Authentication on Windows Server?(Choose three)

Which two features are key in preventing unknown targeted attacks? (Choose two.)

Which three categories are identified as best practices in the Best Practice Assessment tool? (Choose three.)

Which two email links, contained in SMTP and POP3, can be submitted from WildFire analysis with a WildFire subscription? (Choose two.)

What are three purposes for the Eval Systems, Security Lifecycle Reviews and Prevention Posture Assessment tools? (Choose three.)

A customer with a legacy firewall architecture focused on port-and-protocol-level security has heard that NGFWs open all ports by default. Which of the following statements regarding Palo Alto Networks NGFWs is an appropriate rebuttal that explains an advantage over legacy firewalls?

Which three platform components can identify and protect against malicious email links? (Choose three.)

What are two advantages of the DNS Sinkholing feature? (Choose two.)

The Palo Alto Networks Cloud Identity Engine (CIE) includes which service that supports Identity Providers (IdP)?

Which two actions can be configured in an Anti-Spyware profile to address command-and-control (C2) traffic from compromised hosts? (Choose two.)

If a Palo Alto Networks Next-Generation Firewall (NGFW) already has Advanced Threat Prevention (ATP) enabled what is the throughput impact of also enabling Wildfire and Advanced URL Filtering (AURLF)?

In PAN-OS 10.0 and later, DNS Security allows policy actions to be applied based on which three domains? (Choose three.)

Which two of the following are required when configuring the Domain Credential Filter method for preventing phishing attacks? (Choose two.)

You have enabled the WildFire ML for PE files in the antivirus profile and have added the profile to the appropriate firewall rules. When you go to Palo Alto Networks WildFire test av file and attempt to download the test file it is allowed through. In order to verify that the machine learning is working from the command line, which command returns a valid result?

In PAN-OS 10.0 and later, DNS Security allows policy actions to be applied based on which three domains? (Choose three.)

What is used to choose the best path on a virtual router that has two or more different routes to the same destination?

Which three categories are identified as best practices in the Best Practice Assessment tool? (Choose three.)

A customer requires an analytics tool with the following attributes: Uses the logs on the firewall to detect actionable events on the network. Automatically processes a series of related threat events that, when combines, indicate a likely comprised host on the network. Pinpoints the area of risk and allows for assessment of the risk to action can be taken to prevent exploitation of network resources. Which feature of PAN-OS will address these requirements?

Which statement is true about deviating Devices and metrics?

What three Tabs are available in the Detailed Device Health on Panorama for hardware-based firewalls? (Choose three.)

Which three features are used to prevent abuse of stolen credentials? (Choose three.)

A service provider has acquired a pair of PA-7080s for its data center to secure its customer base's traffic. The server provider's traffic is largely generated by smart phones and averages 6.000,000 concurrent sessions. Which Network Processing Card should be recommended in the Bill of Materials?

What does WildFire block on a next-generation firewall (NGFW) that already has Advanced Threat Prevention (ATP) enabled?

A prospective customer wants to purchase a next-generation firewall (NGFW) and requires at least 2 million concurrent sessions with a minimum of 10Gbps of throughput with threat detection enabled. Which tool will help quickly determine the correct size of NGFW for this customer?

Which step is required to ensure that web storage is not used to exfiltrate sensitive data from an enterprise that must use web storage to collaborate with business partners?

Which two actions should be taken to provide some protection when a client chooses not to block uncategorized websites? (Choose two.)

Which security profile on the NGFW includes signatures to protect you from brute force attacks?

WildFire subscription supports analysis of which three types? (Choose three.)

The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile information needed to monitor network security. The firewall provides which three types of reports? (Choose three.)

What is the default behavior in PAN-OS when a 12 MB portable executable (PE) file is forwarded to the WildFire cloud service?

Which two products are included in the Prisma Brand? (Choose two.)

There are different Master Keys on Panorama and managed firewalls. What is the result if a Panorama Administrator pushes configuration to managed firewalls?

Which three of the following are identified in the Best Practice Assessment tool? (Choose three.)

Which PAN-OS feature should be discussed if a prospect wants to apply Security policy actions to traffic by using tags from their virtual environment?

What is the correct behavior when a Palo Alto Networks next-generation firewall (NGFW) is unable to retrieve a DNS verdict from DNS service cloud in the configured lookup time?

Which tool can review an imported configuration and assist with identifying which application-based rules should be implemented?

What helps avoid split brain in active/passive HA pair deployment?

What are the three possible verdicts in WildFire Submissions log entries for a submitted sample? (Choose four.)

A customer is seeing an increase in the number of malicious files coming in from undetectable sources in their network. These files include doc and .pdf file types. The customer uses a firewall with User-ID enabled Which feature must also be enabled to prevent these attacks?

A WildFire subscription is required for which two of the following activities? (Choose two.)

Which two methods are used to check for Corporate Credential Submissions? (Choose two.)

A customer is concerned about zero-day targeted attacks against its intellectual property. Which solution informs a customer whether an attack is specifically targeted at them?

Which three considerations should be made prior to installing a decryption policy on the NGFW? (Choose three.)

When having a customer pre-sales call, which aspects of the NGFW should be covered?

Which two products can send logs to the Cortex Data Lake? (Choose two.)

Which statement is true about Deviating Devices and metrics?

Which three components are specific to the Query Builder found in the Custom Report creation dialog of the firewall? (Choose three.)

XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy. Which two features must be enabled to meet the customer's requirements? (Choose two.)

What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?

A potential customer requires an NGFW solution which enables high-throughput, low-latency network security, all while incorporating unprecedented features and technology. They need a solution that solves the performance problems that plague today's security infrastructure. Which aspect of the Palo Alto Networks NGFW capabilities can you highlight to help them address the requirements?

Which two platform components can identify and protect against malicious email links? (Choose two.)

What is an advantage of having WildFire machine learning (ML) capability inline on the firewall?

Which proprietary technology solutions will allow a customer to identify and control traffic sources regardless of internet protocol (IP) address or network segment?

A customer is starting to understand their Zero Trust protect surface using the Palo Alto Networks Zero Trust reference architecture. What are two steps in this process?

A WildFire subscription is required for which two of the following activities? (Choose two)

Which three steps in the cyberattack lifecycle does Palo Alto Networks Security Operating Platform prevent? (Choose three.)

Which option is required to Activate/Retrieve a Device Management License on the M-100 Appliance after the Auth Codes have been activated on the Palo Alto Networks Support Site?

The ability to prevent users from resolving internet protocol (IP) addresses to malicious, grayware, or newly registered domains is provided by which Security service?

Which three considerations should be made prior to installing a decryption policy on the NGFW? (Choose three.)

Which deployment option of Advanced URL Filtering (AURLF) would help a prospect that actively uses PAC files?

A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds. How is this goal accomplished?

A packet that is already associated with a current session arrives at the firewall. What is the flow of the packet after the firewall determines that it is matched with an existing session?

What are three key benefits of the Palo Alto Networks platform approach to security? (Choose three)

A prospective customer wants to purchase a next-generation firewall (NGFW) and requires at least 2 million concurrent sessions with a minimum of 10Gbps of throughput with threat detection enabled. Which tool will help quickly determine the correct size of NGFW for this customer?

Which action can prevent users from unknowingly downloading potentially malicious file types from the internet?

Which built-in feature of PAN-OS allows the NGFW administrator to create a policy that provides auto remediation for anomalous user behavior and malicious activity while maintaining user visibility?

A customer is designing a private data center to host their new web application along with a separate headquarters for users. Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?

What are the three possible verdicts in WildFire Submissions log entries for a submitted sample? (Choose three.)

Decryption port mirroring is now supported on which platform?

What is an advantage of having WildFire machine learning (ML) capability inline on the firewall?

Which task would be included in the Best Practice Assessment (BPA) tool?

An SE is preparing an SLR report for a school and wants to emphasize URL filtering capabilities because the school is concerned that its students are accessing inappropriate websites. The URL categories being chosen by default in the report are not highlighting these types of websites. How should the SE show the customer the firewall can detect that these websites are being accessed?

Which subscription allows for potential identification of zero-day malware?

Which four steps of the cyber attack lifecycle does the Palo Alto Networks Security Operating Platform prevent? (Choose four.)

What is the key benefit of Palo Alto Networks single-pass architecture (SPA) design?

Which Cloud Identity Engine service should be discussed if a prospect indicates they have an identity provider (IdP) that supports SAML 2.0?

Which three of the following actions must be taken to enable Credential Phishing Prevention? (Choose three.)

A customer worried about unknown attacks is hesitant to enable SSL decryption due to privacy and regulatory issues. How does the platform address the customer's concern?

Which two interface types can be associated to a virtual router? (Choose two.)

What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?

You have a prospective customer that is looking for a way to provide secure temporary access to contractors for a designated period of time. They currently add contractors to existing user groups and create ad hoc policies to provide network access. They admit that once the contractor no longer needs access to the network, administrators are usually too busy to manually delete policies that provided access to the contractor. This has resulted in over-provisioned access that has allowed unauthorized access to their systems. They are looking for a solution to automatically remove access for contractors once access is no longer required. You address their concern by describing which feature in the NGFW?

A prospective customer with a limited budget has a remote office with 10 users and wants routing path redundancy. What should be recommended for this prospect?

Which two configuration elements can be used to prevent abuse of stolen credentials? (Choose two.)

What are three considerations when deploying User-ID? (Choose three.)

Which of the following statements is valid with regard to Domain Name System (DNS) sinkholing?

In which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data, applications, assets, and services (DAAS) be identified?