What two advantages of the DNS Sinkholing feature? (Choose two)
A. It can be deployed independently of an Anti-Spyware Profile.
B. It is monitoring DNS requests passively for malware domains.
C. It can work upstream from the internal DNS server.
D. It is forging DNS replies to known malicious domains.
A customer is concerned about malicious activity occurring directly on their endpoints and not visible to their firewalls.
Which three actions does Traps execute during a security event beyond ensuring the prevention of this activity? (Choose three.)
A. Informs WildFire and sends up a signature to the Cloud
B. Collects forensic information about the event
C. Communicates the status of the endpoint to the ESM
D. Notifies the user about the event
E. Remediates the event by deleting the malicious file
Which option is required to activate/retrieve a Device Management License on the M.100 Appliance after the Auth Codes have been activated on the Palo Alto Networks Support Site?
A. Generate a Tech Support File and call PANTAC
B. Select Device > Licenses and click activate feature using authorization code
C. Select PANORAMA > Licenses and click Activate feature using authorization code
D. Generate a State Dump File and upload it to the Palo Alto Network support portal
Which certificate can be used to ensure that traffic coming from a specific server remains encrypted?
A. Forward entrust
B. SSL exclude certificate
C. Forward trust
D. SSL inbound inspection
What is the recommended way to ensure that firewalls have the most current set of signatures for up-todate protection?
A. Store updates on an intermediary server and point all the firewalls to it
B. Monitor update announcements and manually push updates to firewalls
C. Utilize dynamic updates with an aggressive update schedule
D. Run a Perl script to regularly check for updates and alert when one in released
XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy.
Which two features must be enabled to meet the customer's requirements? (Choose two.)
A. Virtual systems
B. HA active/active
C. Policy-based forwarding
D. HA active/passive
In which two cases should the Hardware offering of Panorama be chosen over the Virtual Offering? (Choose two)
A. Dedicated Logger Mode is required
B. Logs per second exceed 10,000
C. Appliance needs to be moved into data center
D. Device count is under 100
Which three methods used to map users to IP addresses are supported in Palo Alto Networks firewalls? (Choose three.)
A. Client Probing
B. TACACS
C. eDirectory monitoring
D. SNMP server
E. Lotus Domino
F. RADIUS
G. Active Directory monitoring
Because of regulatory compliance a customer cannot decrypt specific types of traffic.
Which license should an SE recommend to the customer who will be decrypting traffic on the Palo Alto Networks firewall?
A. App-ID, to use applications as match criteria in the decryption policy rules
B. SSL Decryption, for inbound inspection and granular Forward Proxy SSL decryption
C. Support, to request custom categories as match criteria in decryption policy rules
D. URL Filtering, to use predefined URL categories as match criteria in the decryption policy rules
What are three sources of malware sample data for the Palo Alto Networks Threat Intelligence Cloud? (Choose three.)
A. Third-Party data feeds, like the partnership with ProofPoint and the Cyber Threat Alliance
B. Palo Alto Networks AutoFocus generated Correlation Objects
C. Palo Alto Networks Next Generation Firewalls deployed with Wildfire Analysis Security Profiles
D. WF-500 configured as private clouds for privacy concerns
E. Palo Alto Networks non-firewall products, like Traps and Aperture