• Author / Uploaded
• kashif

• Categories
• Software antivirus
• Computación en la nube
• Cortafuegos (Informática)
• Malware
• Seguridad y privacidad en línea

Citation preview

11/27/2018

Realize Your Potential: paloaltonetworks

Test - Palo Alto Networks Accredited Systems Engineer (PSE): Foundation Accreditation Exam

PSE: Foundation

Question 1 of 20. Which three technologies are part of Palo Alto Networks next-generation firewall? (Choose three.) Unified Threat Management App-ID Malware-ID Decryption-ID Content-ID User-ID Mark for follow up

Question 2 of 20. The VM-Series firewalls support which five environments? (Choose five.) AWS Google Cloud Platform VMware ESXi Citrix XenServer Azure Linux VServer VMware NSX Mark for follow up

Question 3 of 20. Which type of security does Aperture provide? shows which users are running which applications, and provides a method for controlling application access by user simplifies workflows to create and enforce new application controls, and analyzes critical threat events for those applications provides visibility into recently occurring threats, and shows how to block those threats allows you to connect directly to SaaS applications to provide data classification and threat detection to secure and manage sanctioned applications serves as a policy enhancement on the Palo Alto Networks firewall that provides visibility into applications and control of those applications Mark for follow up

Question 4 of 20. Which three features would prevent a successful attempt during the exfiltration stage of the attack chain? (Choose three.) GlobalProtect file blocking URL filtering WildFire® DNS monitoring and sinkholing Mark for follow up

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 1/5

11/27/2018

Realize Your Potential: paloaltonetworks

Question 5 of 20. How can you extend WildFire® analysis resources to a WildFire hybrid cloud? Configure a WildFire private cloud to forward files directly to the WildFire hybrid cloud for analysis of less sensitive or unsupported file types. Configure the firewall to continue to forward sensitive files to your WildFire private cloud for Local Analysis and to forward less sensitive or unsupported file types to the WildFire public cloud. Combine the WildFire public cloud with the Traps Management Service, the cloud protection solution to monitor all endpoints. Configure another firewall in between the hybrid cloud and the main firewall that forwards files to the WildFire cloud, making sure that the firewall in the middle is using port 443 for file submissions. Mark for follow up

Question 6 of 20. What are the three main benefits of WildFire®? (Choose three.) By collecting and distributing malware signatures from every major antivirus vendor, it can provide comprehensive protection. Signatures for identified malware quickly are distributed globally to all Palo Alto Networks customers' firewalls. Because a Palo Alto Networks proprietary cloud-based architecture is used, quarantine holds on suspicious files typically are reduced to fewer than 30 seconds. It gathers information from possible threats detected by next-generation firewalls, endpoints, and Aperture. It uses a sandboxing environment that can detect malware by analyzing the behavior of unknown files. Mark for follow up

Question 7 of 20. True or false: Antivirus inspection is proxy-based. True False Mark for follow up

Question 8 of 20. True or false: One advantage of Single-Pass Parallel Processing (SP3) is that traffic can be scanned with minimum latency as it crosses the firewall. True False Mark for follow up

Question 9 of 20. True or false: AutoFocus is an on-premise-based threat intelligence service that gives security operations teams direct access to all the threat intelligence gathered from the Palo Alto Networks Unit 42 Threat Research team to correlate attack data and analysis. True False Mark for follow up

Question 10 of 20. Which statement is true about how WildFire® scans files for viruses, malware, and spyware? The firewall must have a WildFire Analysis Profile rule attached to a Security policy rule that will scan files for viruses, malware, and spyware. A WildFire Analysis Profile needs to be set to define which files to forward to the WildFire cloud to trigger inspection for zero-day malware. The firewall must have policy rules in place before it can forward the questionable file to WildFire, where the file is analyzed for zero-day malware. For WildFire to be most effective, you need to deploy a WF-500 appliance to get the full benefits of WildFire threat intelligence scanning. https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 2/5

11/27/2018

Realize Your Potential: paloaltonetworks

Mark for follow up

Question 11 of 20. How does the Log Collector differ from the Logging Service? The Log Collector is hardware-based, whereas the Logging Service is scalable on demand. The Log Collector ensures redundancy by having multiple copies of your log database, whereas the Logging Service is regionalized based on your location. The Log Collector provides a centralized repository for your on-premise and virtual firewalls, whereas the Logging Service provides only data isolation to avoid cross-contamination of logs. The Log Collector has built-in log redundancy, whereas the Logging Service has no cloud compliance requirements. Mark for follow up

Question 12 of 20. How frequently are WildFire® updates about previously unknown files delivered from the cloud to customers with a WildFire subscription? every 30 minutes every 60 minutes every day every 5 minutes every 15 minutes Mark for follow up

Question 13 of 20. True or false: PAN-DB is a service that aligns URLs with category types defined by Palo Alto Networks. Websites are classified through various means, including data provided by the Threat Intelligence Cloud. True False Mark for follow up

Question 14 of 20. What is the main role of GlobalProtect? look for malware on the endpoint sandbox files on the Threat Intelligence Cloud extend protections and policies to endpoints categorize URLs Mark for follow up

Question 15 of 20. What are five benefits of Palo Alto Networks next-generation firewalls? (Choose five.) feature-specific modular hardware convenient configuration wizard seamless integration with the WildFire® Threat Intelligence Cloud comprehensive security platform designed to scale functionality over time easy-to-use GUI that is the same on all models identical security features on all models predictable throughput Mark for follow up https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 3/5

11/27/2018

Realize Your Potential: paloaltonetworks

Question 16 of 20. What is the function of the Decryption Broker on the next-generation firewall? decode applications and URL traffic coming through the firewall and assign priority to specific traffic patterns according to geographical location provide content inspection of all known and unknown traffic sessions at the granular level function as centralized communication between firewalls for decoding traffic content consolidate all the information from scans for unknown malware, system status, and system health alerts of the firewall into one central broker interface eliminate the need for a third-party SSL decryption solution and reduce the number of third-party devices performing traffic analysis and enforcement Mark for follow up

Question 17 of 20. What are two features of the Traps Management Service? (Choose two.) requires no server licenses or databases Integrate with GlobalProtect into a single agent that manages both endpoint protection and mobile user connectivity be deployed as a cloud-managed service solution be deployed with your own hardware and infrastructure Mark for follow up

Question 18 of 20. Which product combines data from multiple sources, including third-party providers, correlates it to the Palo Alto Networks threat intelligence database, and uses it to prevent attacks? WildFire® AutoFocus Magnifier Evident Aperture GlobalProtect Mark for follow up

Question 19 of 20. What are the three essential components of a Magnifier deployment? (Choose three.) Aperture logs Log Collector Logging Service MineMeld Panorama Pathfinder AutoFocus Logs Mark for follow up

Question 20 of 20. True or false: Content-ID technology combines results from WildFire® analysis with administrator-defined policies to inspect and control content traversing the firewall, using data-loss prevention techniques in a single, unified engine. True False Mark for follow up https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 4/5

11/27/2018

Save / Return Later

Realize Your Potential: paloaltonetworks

Summary

https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=af606d43-a9be-41d2-a65e-e9341a7b91dd&evalLvl=5&redirect_url=%2fLMS%2f… 5/5