<< Don' for get to press the AD ! mant thanks ! >>
Question 10 of 30. [A]
Which option describes an advantage of Aperture?
Aperture provides consistent security across SaaS applications.
Every application secured provides its own security analysis and management tools.
The Aperture security rules are imported from any vendor’s firewalls.
Aperture essentially is a single management point for cloud-native security across multiple cloud service vendors.
Mark for follow up
Question 20 of 30. [A]
Click Remote Command Execution in the left navigation panel and scroll down to show the visualization of the alert. We only see a red arrow, indicating that: The above image is from the Magnifier demo script that describes exploring an alert. Which answer best completes the demo script after the words “indicating that”?
this is the first time this behavior is seen from this user, and the behavior is anomalous.
83 sessions between 10.10.1.104 and the Private network were blocked.
no sessions are going the other direction, from the Private network to 10.10.1.104.
the blue line, representing sessions going the other direction, is hidden by the red line.
Mark for follow up
Question 22 of 30. [A]
Which demo of the Palo Alto Networks Security Operating Platform can show a customer how to determine who has access to a certain Box cloud storage file?
Aperture
BPA
NGFW
Traps
Mark for follow up
Question 10 of 30. [A]
What happens when access to an application is allowed in a firewall Security policy, but the allowed application implicitly depends on other parent applications or services that otherwise would not be allowed?
The firewall automatically allows the dependencies required for the newly allowed application, and the firewall provides a warning that it is doing so.
The security administrator must specify to the firewall what these dependent applications are.
The newly allowed application itself is allowed, but because it depends on other applications, it cannot be used until they too are explicitly allowed.
The firewall does not “allow applications,” but rather enforces security based on traffic independently of which application generates it.
Mark for follow up
Question 8 of 30. [A]
Palo Alto Networks recommends which approach to cybersecurity?
Zero trust. All traffic is inspected.
Always trust, inspect all traffic afterward.
Trust most things, but don’t trust suspicious traffic.
Trust everything except recognized threats.
Mark for follow up
Question 25 of 30. [AB]
Which two Palo Alto Networks security products can prevent successful ransomware attacks? (Choose two.)
Traps
NGFW
Panorama
SLR
Mark for follow up
Question 17 of 30. [A]
In the Threat Prevention demo, how is WildFire® used to strengthen the security of the environment?
When an unknown file is downloaded as a result of a visit to a website, the file is sent to WildFire® for analysis.
When an Antivirus Profile is attached to a security rule, WildFire® confirms that the viruses blocked by the firewall are still viruses.
When a file is transferred that contains sensitive data, WildFire® identifies that file as containing sensitive data.
All traffic going through the firewall is vetted by WildFire®.
Mark for follow up
Question 21 of 30. [A]
How can a security engineer block all files that contain strings that start with any letters or numbers and contain “pw” or “PW” followed by any numbers?
Using a pattern definition with regular-expression pattern matching.
Creating a virus signature to match viruses that steal passwords.
Treating these filenames as HTTP addresses and using URL filtering.
Using App-ID to block an identified program that processes files with “PW” or “pw” in them.
Mark for follow up
Question 25 of 30. [A]
When a file is uploaded for WildFire® analysis, how can its verdict be found?
Viewing WildFire® submission logs from the firewall’s user interface.
Examining the security rule that allowed the traffic from the firewall’s user interface.
Only by accessing the WildFire® user interface.
The verdict is never seen explicitly, it automatically is incorporated into the firewall’s Security policy.
Mark for follow up
Question 15 of 30. [A]
Which answer best describes the meaning of the above picture in the context of Palo Alto Networks Security Lifecycle Reviews?
The firewall in Tap mode connects to a switch and does not impact customer traffic at all.
The firewall essentially is a router on a stick.
Firewalls can connect only to customer switches, they cannot connect to customer routers.
Firewalls involved in Security Lifecycle Reviews use wireless interfaces only.
Mark for follow up
Question 4 of 30. [A]
Magnifier analyzes logs from:
Palo Alto Networks Logging Service.
Panorama distributed log collectors.
Aperture logs.
Traps logs.
Mark for follow up
Question 18 of 30. [A]
When is it helpful to run a Security Lifecycle Review?
for existing customers as a health check and for potential customers to help build a business case for Palo Alto Networks
primarily to help Customer Support learn more about support cases
only for existing customers, to determine features and functions of the security environment that are not fully or properly utilized
only for potentially new customers, to expose the security weaknesses of their existing security environment
Mark for follow up
Question 2 of 30. [A]
What is the recommended process of configuring a firewall to ensure that all traffic going through it is logged?
Override the intrazone-default and interzone-default rules by clicking their Log at Session End boxes.
Add a rule before the default rules that denies all traffic and logs.
No process is necessary because the Palo Alto Networks NGFW always logs all traffic.
Add a rule that allows everything from everywhere as the first rule and logs all traffic that it allows.
Mark for follow up
Question 3 of 30. [A]
Which option best describes the role of App-ID in Palo Alto Networks NGFW Security policy?
Application data payload is considered as part of the NGFW security rule matching process.
The firewall automatically disallows a competitor’s applications for security reasons.
App-ID is the firewall’s way of identifying which user’s traffic is associated with an application.
App-ID allows administrators to rename standard applications with internal nicknames.
Mark for follow up
Question 8 of 30. [A]
What is the Palo Alto Networks NGFW recommended security policy?
Only traffic that is explicitly allowed passes through the firewall.
Only traffic that is explicitly denied is prevented from passing through the firewall.
Only traffic from recognized users is allowed to pass through the firewall.
Only traffic from unrecognized applications is prevented from passing through the firewall.
Mark for follow up
Question 15 of 30. [A]
Which Palo Alto Networks Security Operating Platform component is best suited to find and block zero-day threats on an employee’s laptop?
Traps
NGFW
Magnifier
Aperture
Mark for follow up
Question 13 of 30. [A]
Which part of the Palo Alto Security Operating Platform uses multiple methods to disrupt an attack before it can infect an endpoint?
Traps
Panorama
Magnifier
Logging Service
Mark for follow up
Question 16 of 30. [A]
Which answer best describes User-ID?
User-ID combines multiple methods to map IP addresses to users, and once users are mapped, they can be used by firewall Security policy rules and reports.
User-ID is the firewall’s internal storage of encrypted passwords, providing access control to firewall administrative functionality.
User-ID is another name for App-ID; applications are considered users of the traffic control function of the firewall.
User-ID is how GlobalProtect knows who can use its service.
Mark for follow up
Question 19 of 30. [A]
Aperture is a product that addresses which kind of security?
SaaS
data center
endpoint
inline network
Mark for follow up
Question 11 of 30. [A]
Which file should be uploaded to the Security Lifecycle Review tool?
Stats Dump file
SLR report csv
Exported config file
SaaS Risk Assessment Report
Mark for follow up
Question 17 of 30. [A]
Which part of the Palo Alto Networks Security Operating Platform helps customers accelerate their consumption of innovative cloud security offerings?
Application Framework
Generation Alpha Firewall
Magnifier
Aperture
Mark for follow up
Question 2 of 30. [A]
Which option helps to find the security rule that allowed traffic from a particular application at a particular time?
the log at NGFW Monitor > Traffic
BPA heatmap
Aperture SaaS Risk Assessment Report
WildFire® verdict
Mark for follow up
Question 13 of 30. [A]
What is the purpose of the “Executive Summary“ section of the SLR?
highlight key findings of the Security Lifecycle Review
summarize pricing for addressing issues identified by an SLR
show the Set Least Resistance properties in one place
summarize pricing for a large proposal
Mark for follow up
Question 8 of 30. [A]
Which demo would you present to showcase abnormalities in network traffic?
Magnifier
The Best Practices Analysis report
Traps
The firewall
Mark for follow up
Question 2 of 30. [A]
Which answer best describes the sales cycle role that a Security Lifecycle Review (SLR) provides?
The SLR is a way to use a prospect’s own data to show where the Palo Alto Networks Security Operating Platform can help them.
Security Lifecycle Reviews can provide automated enforcement for best practices when a single NGFW is left at the customer for six months or more.
The SLR report is a way to show the kind of reports that can be generated after a customer purchases a comprehensive security platform from Palo Alto Networks.
Because it takes so much time, an SLR often lengthens the firewall sales cycle.
Mark for follow up
Question 20 of 30. [A]
Which tool most directly helps a customer’s engineer to systematically check a previous engineer’s Palo Alto Networks NGFW configuration for general cyber hygiene?
Best Practices Analysis tool
NGFW ACC page
Aperture Explore Assets tool
Panorama
Mark for follow up
Question 25 of 30. [ABC]
Which three components are commonly used to contribute to public cloud security? (Choose three.)
SaaS security
endpoint security
inline security in the cloud
physical router and switch security
Mark for follow up
Question 11 of 30. [A]
Which product can be characterized as an API-based CASB?
Aperture
SLR
Magnifier
NGFW
Mark for follow up
********************************************************************************************************************************************************************************************************************************
Question 28 of 30. [AB]
Which two stages of the cyber-attack lifecycle does App-ID help to directly protect against? (Choose two.)
Delivery
Command and Control
Exploitation
Installation
Decryption
Mark for follow up
Question 7 of 30. [AB]
App-ID provides value protecting against threats in which two ways? (Choose two.)
App-ID can be used in a security rule to specify that traffic belonging to a set of applications is blocked.
App-ID can be used with User-ID and Content-ID to reduce the attack surface.
With application dependency, the identified application depends on the intent of the attacker and App-ID can be used this way to block malicious intent.
App-ID can be used in a security rule to specify that traffic initiating from a specific group of users is blocked.
Once an application is identified, App-ID provides interpretation of the application's payload to ensure that the application is used only as intended.
Mark for follow up
Question 9 of 30. [A]
What does the Logging Service do?
feeds network Security logs and Endpoint Protection logs into a data lake that is used by applications in the Application Framework
collects logs from all firewalls in a deployment, reformats them, and provides them to the firewall running the service
logs and tracks operational errors that occur in any firewalls in a single environment and provides a report of those errors to Panorama
tracks all firewall uses of logs including log export to syslog, email servers, Panorama, SNMP, and HTTP servers
Mark for follow up
Question 15 of 30. [A]
What does a BPA adoption Heatmap show?
the feature sets of a particular firewall that actually are used
the distribution of traffic among firewall ports
the feature sets of a particular firewall that are currently licensed
the rules of a particular firewall that are hit most often
Mark for follow up
Question 5 of 30. [A]
What is the correct order of activity to create an SLR report?
access the Partner Portal, click TRACK DEALS, provide Report Input Filters, upload Stats Dump file
upload Stats Dump file, click TRACK DEALS, select the Opportunity, provide Account Information, provide Report Input Filters
upload Stats Dump file, access the Partner Portal, select the Opportunity, provide Report Input Filters
access the Partner Portal, select Opportunity, click TRACK DEALS, upload Stats Dump file, provide Account Information
Mark for follow up
Question 11 of 30. [A]
Which configuration step is part of setting up the firewall to collect data for an SLR?
From Network > Interfaces, open an interface and set its Interface Type to Tap.
From Network > Virtual Routers, add a static route from the interface connected to the switch to the default gateway.
From Network > Interfaces, add a new SLR interface.
From Policies > Security, add a security policy that blocks all traffic.
Mark for follow up
Question 3 of 30. [A]
To configure a firewall to collect data for an SLR, the interface that is connected to the customer's switch's SPAN port should be which zone type?
Tap
Layer3
Tunnel
Virtual Wire
Layer2
Mark for follow up
Question 29 of 30. [ABC]
Which three security capabilities can be combined to provide necessary protection for current multi-platform cloud application architecture? (Choose three.)
inline security with the ability to protect and segment traffic that’s entering applications, going between applications, and leaving applications
use of IaaS and PaaS APIs to obtain good insight into how services are consumed, configured, and deployed
detection and prevention of zero-day attacks by securing applications and operating systems from within their workload or host
native cloud-platform security offerings that provide security for multiple platforms and on-premises data center infrastructures
a set of point products from multiple vendors that provide frictionless security for specific corner use cases, along with a corresponding set of security administration and reporting tools
Mark for follow up
Question 8 of 30. [A]
Which function or feature describes an advantage of Aperture?
Aperture provides consistent security across SaaS applications.
Aperture security rules are imported from any vendor’s firewalls.
Every application secured provides its own security analysis and management tools.
Aperture essentially is a single management point for cloud ¬native security across multiple cloud service vendors.
Mark for follow up
Question 22 of 30. [A]
A BPA Heatmap is filtered by source and destination zone. What does this mean for the Heatmap display?
Profile adoption will be shown only for rules with that source and destination.
Traffic shown will be limited to the specified source and destination.
Security rules in the Heatmap's firewall will be reconfigured to limit traffic to the specified source and destination.
The virtual router in the Heatmap's firewall will route traffic from the specified source to the specified destination.
Mark for follow up
Question 7 of 30. [A]
Which file should be uploaded to the Security Lifecycle Review tool?
Stats Dump file
SLR report csv
SaaS Risk Assessment report
exported config file
Mark for follow up
Question 1 of 30. [A]
Which action or configuration contributes to positive enforcement?
defining zones according to business needs to access those zones
configuring a security profile that logs all spyware.
configuring a rule that allows traffic only for specific applications to reach a zone
configuring a rule that allows all traffic between zones but logs that traffic
Mark for follow up
Question 2 of 30. [A]
How does use of User-ID in a security rule help implement the Palo Alto Networks security posture?
reduces the attack surface to support Zero Trust
specifies traffic data pattern matching to support Zero Trust
increases the attack surface to support positive enforcement
specifies the exfiltration zones to which security profiles apply
Mark for follow up
Question 20 of 30. [A]
Which statement describes the BPA Report password?
defined at report generation time and is required to view the password-protected report
allows access to encrypted data stored by the firewall and uploaded to the Support Portal
the same as the Panorama or firewall admin password and is required to access the report generator
must be 13 characters long but once entered is never again required
Mark for follow up
Question 23 of 30. [A]
How are dynamic content updates for the NGFW checked?
From Device > Dynamic Updates, click Check Now once for Antivirus, then once again for Application, GlobalProtect, Threats, and WildFire® updates.
Log in to the Partner Portal or Customer Success Portal, and specify the IP address of the firewall to receive dynamic updates.
From Device > Dynamic Updates, click Check Now once.
From Device > Dynamic Updates, click Check Now once each for Antivirus, Application, GlobalProtect, Threats, and WildFire® updates.
Mark for follow up
Question 29 of 30. [A]
Which option describes how samples can be used between the NGFW and WildFire®?
The firewall sends unknown files to WildFire, which does a threat analysis of the sample and generates new signatures when threats are identified.
WildFire sends samples of malicious code to the NGFW, which then uses those samples to compare with traffic flowing through it.
The firewall samples WildFire data every five minutes and adds any threats found to its WildFire Security Profile.
The firewall sends a configurable distribution of random traffic samples to WildFire, which determines firewall configuration errors based on those samples.
Mark for follow up
Question 13 of 30. [ABC]
Logs can be used in the Security Operating Platform in which three ways? (Choose three.)
The Security Lifecycle Review can use logs to discover applications and threats present in an environment.
Magnifier can use logs to build a baseline of behavior and identify abnormal behavior against that.
An analyst can view applications with the most sessions and highest risk applications with the most sessions from the Application Command Center.
The firewall can automatically reconfigure security profiles when there are too many logs for a specific commodity threat.
The firewall can receive logs from other devices sent through a syslog server and incorporate those logs in its reports.
Mark for follow up
Question 4 of 30. [A]
How does Magnifier identify behavioral anomalies?
comparing new traffic and host profile data to a baseline of normal customer¬-specific activity built by analyzing collected data over 30 days and
comparing customer traffic behavior to a huge database of that customer’s competitors’ traffic behavior
comparing customer behavior to known behaviors found in environments with good security hygiene
comparing customer behavior with a current list of abnormal behavior
comparing differences among data from Traps, Aperture, the next¬-generation firewall, and GlobalProtect agents
Mark for follow up
Question 16 of 30. [AB]
When a customer is using competitors’ security products, which two tools are appropriate to help the customer reassess their security posture? (Choose two.)
SLR
PPA
BPA
TMS
Mark for follow up
Question 30 of 30. [A]
Which tool most directly helps a customer’s engineer to systematically check a previous engineer’s Palo Alto Networks NGFW configuration for general cyber hygiene?
Best Practices Analysis tool
Aperture Explore Assets tool
Panorama
NGFW ACC page
Mark for follow up
Question 22 of 30. [A]
What is the difference between a BPA Report for a registered opportunity and a report without a registered opportunity?
There is no difference between the two reports.
Reports for registered opportunities are based on Tech Support Files and reports outside of registered opportunities are based on Prospect Tech Support Files.
The report for a registered opportunity is free, but there is a fee for generating a report when there is no registered opportunity.
Reports for registered opportunities include information about licensing entered when the opportunity was registered.
Mark for follow up
Question 27 of 30. [A]
To configure a firewall for SLR data collection, how is the data to be logged specified?
by a Security Policy rule on the firewall
from Monitor > Manage Custom Reports on the firewall web interface
with an ACL on the customer switch SPAN port
from the Partner Portal or Support Portal
Mark for follow up
Question 18 of 30. [A]
How can User-ID connectivity be verified for an NGFW?
Check Device > User Identification > User Mapping > Server Monitoring.
Check the CPU load on the network's domain controller.
Check traffic load on the network's LDAP server.
Check WMI logs.
Mark for follow up
Question 25 of 30. [A]
Which demo would you present to showcase abnormalities in network traffic?
Magnifier
Traps
firewall
Best Practices Analysis Report
Mark for follow up
Question 11 of 30. [C]
Which product can be characterized as an API¬based CASB?
Magnifier
NGFW
Aperture
SLR
Mark for follow up
Question 22 of 30. [A]
Which demo of the Palo Alto Networks Security Operating Platform can show a customer how to determine who has access to a certain Box cloud storage file?
Aperture
BPA
NGFW
Traps
Mark for follow up
Question 3 of 30. [B]
Click Remote Command Execution in the left navigation panel and scroll down to show the visualization of the alert. We only see a red arrow, indicating that: The above image is from the Magnifier demo script that describes exploring an alert. Which answer best completes the demo script after the words “indicating that”?
the blue line, representing sessions going the other direction, is hidden by the red line.
this is the first time this behavior is seen from this user, and the behavior is anomalous.
no sessions are going the other direction, from the Private network to 10.10.1.104.
83 sessions between 10.10.1.104 and the Private network were blocked.
Mark for follow up
Question 5 of 30. [B]
Which answer best describes the meaning of the above picture in the context of Palo Alto Networks Security Lifecycle Reviews?
The firewall essentially is a router on a stick.
The firewall in Tap mode connects to a switch and does not impact customer traffic at all.
Firewalls can connect only to customer switches, they cannot connect to customer routers.
Firewalls involved in Security Lifecycle Reviews use wireless interfaces only.
Mark for follow up
Question 5 of 30. [A]
When an NGFW is set up to collect data for an SLR, from where on the customer network does data flow to the NGFW?
from a SPAN port on a customer switch
from an egress port on a customer switch
from an ingress port on a customer router
from the customer's internet service provider link
Mark for follow up
Question 6 of 30. [A]
What is the purpose of the “Executive Summary“ section of the SLR?
highlight key findings
summarize the BOM for a large proposal
show the Sensitive Lost Resource properties in one place
summarize pricing to address issues identified by an SLR
Mark for follow up
Question 28 of 30. [A]
Which option best describes the role of App-¬ID in Palo Alto Networks NGFW security policy?
Application recognition is considered as part of the NGFW security rule matching process.
App-¬ID allows administrators to rename standard applications with internal nicknames.
App-¬ID is the firewall’s way of identifying which user’s traffic is associated with an application.
The firewall automatically disallows a competitor’s applications for security reasons.
Mark for follow up
Question 29 of 30. [A]
Which process yields a Tech Support File that is ready for upload?
Click Device > Support > Generate Tech Support File from the NGFW web interface, then download the file to a computer.
Download the Tech Support File from the support website, load it into the firewall, and click Device > Support > Generate Tech Support File.
From Monitor > PDF Reports, select Tech Support File, and specify a location to save the file.
Click Device > Support > Generate Tech Support File from the NGFW web interface.
Mark for follow up
Question 9 of 30. [AB]
What are two ways attackers hide themselves? (Choose two.)
use permitted applications
use legitimate credentials
use of brute force attacks
use known exploits against known vulnerabilities
Mark for follow up
Question 18 of 30. [A]
How is the data in a Stats Dump file made available for SLR Report creation?
downloaded from the firewall to a computer, then uploaded when requested from the Partner Portal
fed through the Logging Service and made available to the SLR app
automatically pulled by Panorama and uploaded to the Partner Portal
uploaded directly from the firewall to the Partner Portal
Mark for follow up
Question 20 of 30. [A]
To configure a firewall to collect data for an SLR, what should the WildFire® action be in the Antivirus Profile attached to the security rule used by the interface receiving customer traffic?
"alert" for all actions
"reset client" for all actions
"alert" for FTP and HTTP, and "reset both" for all other decoders
"default" for all actions
Mark for follow up
Question 25 of 30. [A]
How can an external list of malicious domains be leveraged by an NGFW?
Content-ID technology combines results from WildFire® analysis with administrator-defined policies to inspect and control content traversing the firewall, using dataloss prevention techniques in a single, unified engine.
An Anti-Spyware Profile can define access to any of the domains on the list to be an application, and the profile can use App-ID to block that application.
The external list can be specified as a URL in a security rule's zone configuration to block traffic from the zone containing these domains.
The external list can be specified as an External Dynamic List in an Anti-Spyware Security Profile that need not be attached to a security rule.
Mark for follow up
Question 30 of 30. [A]
How do security rules and security profiles work together to create security policy?
Security profiles specify what happens to traffic that an attached security rule would otherwise allow.
The firewall forwards traffic when it finds either a security rule or a security profile that allows that traffic.
Security rules specify what happens to traffic that an attached security profile would otherwise allow.
Security profiles specify what happens to traffic that an attached security rule blocks.
Mark for follow up
Question 3 of 30. [A]
Which product protects against threats moving between servers in the cloud?
next-generation firewall VM
Magnifier
Aperture
GlobalProtect
Mark for follow up
Question 24 of 30. [A]
Which feature or option helps find the security rule that allowed traffic from a particular application at a particular time?
log at NGFW Monitor > Traffic
BPA heatmap
Aperture SaaS Risk Assessment Report
WildFire® verdict
Mark for follow up
Question 5 of 30. [AB]
In addition to reporting deviations from best practice, the BPA Report provides which two pieces of information? (Choose two.)
a reason to follow best practice for each best-practice fail that the BPA identifies
a recommendation to achieve a pass for each best-practice fail that the BPA identifies
a configuration file that when used by the firewall will enable it to pass all best-practice tests
all the parameters used by any security rules or other rules configured for the firewall
Mark for follow up
Question 8 of 30. [A]
Which selections should be used for applications, destinations, and users in the Security policy rule used by a firewall to collect data for an SLR?
any, any, any
pre-logon, all-palo-alto-base, trust
pre-logon, any, trust
any, any, untrust
Mark for follow up
Question 11 of 30. [A]
Which comparison does a BPA Report present?
a customer's NGFW configuration against best practices
signatures in the firewall against signatures available from WildFire®
a customer's configuration against the results of a customer interview
customer breaches against those that would be blocked by a properly licensed and configured firewall
Mark for follow up
Question 26 of 30. [A]
To create a BPA report without a registered opportunity, which URL is accessed?
Customer Success Portal
NGFW Security Portal
Partner Portal
Support Portal
Mark for follow up
************************************************************************************************
Question 21 of 30.
When an SLR report from the Partner Portal is created, which four features can be associated with the report? (Choose four.)
key stakeholders
geographic location
deployment location
end-user account
deal size
industry
Mark for follow up
Question 20 of 30.
Which answer best describes the sales cycle role that a Security Lifecycle Review provides?
It is a way to show the kind of reports that can be generated after a customer purchases a comprehensive security platform from Palo Alto Networks.
It often lengthens the firewall sales cycle because it takes so much time.
It is a way to use a prospect’s own data to show where the Palo Alto Networks Security Operating Platform can help them.
It can provide automated enforcement for best practices when a single NGFW is left at the customer for six months or more.
Mark for follow up
Question 6 of 30.
After a Tech Support File is uploaded to the partner portal to create a BPA report, what does Zone Mapping do?
When the Tech Support File is from Panorama and reflects multiple firewalls, it allows a user to specify whether each firewall is physical or virtual.
It allows a user to map each zone in the Tech Support File to its area of architecture, such as internet, DMZ, remote/VPN, or other areas.
It allows a user to rename zones for clarity in the BPA report.
It allows a user an additional opportunity to specify source and destination zones for firewall rules analyzed in the BPA.
Mark for follow up
Which file should be used to provide data for a BPA or Heatmap?
SaaS Risk Assessment report
exported config file
Tech Support File
exported Traffic log csv
Mark for follow up
Magnifier analyzes logs from which source?
Panorama distributed log collectors
syslog servers
Palo Alto Networks Logging Service
Aperture logs
Mark for follow up
Question 2 of 30.
In an attack intended to exfiltrate data, the attack's first landing in the target network is not its target server. Which three steps are likely to be part of the continuation of that attack? (Choose three.)
obtaining credentials
accessing sensitive servers
denial of service
probing the network
Mark for follow up
沒有留言:
張貼留言