To properly configure DOS protection to limit the number of sessions individually from
specific source IPs you would configure a DOS Protection rule with the following
characteristics:

A.

Action: Protect, Classified Profile with "Resources Protection" configured, and Classified
Address with "source-ip-only" configured

B.

Action: Deny, Aggregate Profile with "Resources Protection" configured

C.

Action: Protect, Aggregate Profile with "Resources Protection" configured

D.

Action: Deny, Classified Profile with "Resources Protection" configured, and Classified
Address with "source-ip-only" configured

To create a custom signature object for an Application Override Policy, which of the
following fields are mandatory?

A.

Category

B.

Regular Expressions

C.

Ports

D.

Characteristics

The following can be configured as a next hop in a Static Route:

A.

A Policy-Based Forwarding Rule

B.

Virtual System

C.

A Dynamic Routing Protocol

D.

Virtual Router

Which of the following would be a reason to use an XML API to communicate with a Palo
Alto Networks firewall?

A.

So that information can be pulled from other network resources for User-ID

B.

To allow the firewall to push UserID information to a Network Access Control (NAC)
device.

C.

To permit sys logging of User Identification events

In an Anti-Virus profile, changing the action to “Block” for IMAP or POP decoders will result
in the following:

A.

The connection from the server will be reset

B.

The Anti-virus profile will behave as if “Alert” had been specified for the action

C.

The traffic will be dropped by the firewall

D.

Error 541 being sent back to the server

Wildfire may be used for identifying which of the following types of traffic?

A.

URL content

B.

DHCP

C.

DNS

D.

Viruses

In PAN-OS 6.0, rule numbers were introduced. Rule Numbers are:

A.

Dynamic numbers that refer to a security policy’s order and are especially useful when
filtering security policies by tags

B.

Numbers referring to when the security policy was created and do not have a bearing on
the order of policy enforcement

C.

Static numbers that must be manually re-numbered whenever a new security policy is
added

Which of the following is a routing protocol supported in a Palo Alto Networks firewall?

A.

RIPv2

B.

ISIS

C.

IGRP

D.

EIGRP

For non-Microsoft clients, what Captive Portal method is supported?

A.

NTLM Auth

B.

User Agent

C.

Local Database

D.

Web Form Captive Portal

When creating an application filter, which of the following is true?

A.

They are used by malware

B.

Excessive bandwidth may be used as a filter match criteria

C.

They are called dynamic because they automatically adapt to new IP addresses

D.

They are called dynamic because they will automatically include new applications from
an application signature update if the new application's type is included in the filter

Select the implicit rules enforced on traffic failing to match any user defined Security
Policies:

A.

Intra-zone traffic is denied

B.

Inter-zone traffic is denied

C.

Intra-zone traffic is allowed

D.

Inter-zone traffic is allowed

What needs to be done prior to committing a configuration in Panorama after making a
change via the CLI or web interface on a device?

A.

No additional actions required

B.

Synchronize the configuration between the device and Panorama

C.

Make the same change again via Panorama

D.

Re-import the configuration from the device into Panorama