An SE is preparing an SLR report for a school and wants to emphasize URL filtering capabilities because the school is concerned that its students are accessing inappropriate websites. The URL categories being chosen by default in the report are not highlighting these types of websites. How should the SE show the customer the firewall can detect that these websites are being accessed?
A. Create a footnote within the SLR generation tool
B. Edit the Key-Findings text to list the other types of categories that may be of interest
C. Remove unwanted categories listed under 'High Risk' and use relevant information
D. Produce the report and edit the PDF manually
Which two network events are highlighted through correlation objects as potential security risks? (Choose two.)
A. Identified vulnerability exploits
B. Launch of an identified malware executable file
C. Endpoints access files from a removable drive
D. Suspicious host behavior
XYZ Corporation has a legacy environment with asymmetric routing. The customer understands that Palo Alto Networks firewalls can support asymmetric routing with redundancy. Which two features must be enabled to meet the customer's requirements? (Choose two.)
A. Policy-based forwarding
B. HA active/active
C. Virtual systems
D. HA active/passive
A client chooses to not block uncategorized websites. Which two additions should be made to help provide some protection? (Choose two.)
A. A URL filtering profile with the action set to continue for unknown URL categories to security policy rules that allow web access
B. A data filtering profile with a custom data pattern to security policy rules that deny uncategorized websites
C. A file blocking profile attached to security policy rules that allow uncategorized websites to help reduce the risk of drive by downloads
D. A security policy rule using only known URL categories with the action set to allow
A customer is starting to understand their Zero Trust protect surface using the Palo Alto Networks Zero Trust reference architecture.
What are two steps in this process? (Choose two.)
A. Validate user identities through authentication
B. Gain visibility of and control over applications and functionality in the traffic flow using a port and protocol firewall
C. Categorize data and applications by levels of sensitivity
D. Prioritize securing the endpoints of privileged users because if non-privileged user endpoints are exploited, the impact will be minimal due to perimeter controls
How frequently do WildFire signatures move into the antivirus database?
A. every 24 hours
B. every 12 hours
C. once a week
D. every 1 hour
Which three signature-based Threat Prevention features of the firewall are informed by intelligence from the Threat Intelligence Cloud? (Choose three.)
A. Vulnerability protection
B. Anti-Spyware
C. Anti-Virus
D. Botnet detection
E. App-ID protection
What three Tabs are available in the Detailed Device Health on Panorama for hardware-based firewalls? (Choose three.)
A. Errors
B. Environments
C. Interfaces
D. Mounts
E. Throughput
F. Sessions
G. Status
Which two of the following does decryption broker provide on a NGFW? (Choose two.)
A. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic only once
B. Eliminates the need for a third party SSL decryption option which allows you to reduce the total number of third party devices performing analysis and enforcement
C. Provides a third party SSL decryption option which allows you to increase the total number of third party devices performing analysis and enforcement
D. Decryption broker allows you to offload SSL decryption to the Palo Alto Networks next-generation firewall and decrypt traffic multiple times
An endpoint, inside an organization, is infected with known malware that attempts to make a command-and-control connection to a C2 server via the destination IP address
Which mechanism prevents this connection from succeeding?
A. DNS Sinkholing
B. DNS Proxy
C. Anti-Spyware Signatures
D. Wildfire Analysis