Palo Alto Networks Quiz 5th Grade Quiz | Wayground (formerly Quizizz)

1.

MULTIPLE SELECT QUESTION

30 sec • 1 pt

A company plans to deploy identity for improved visibility and identity-based controls for least privilege access to applications and dat A. The company does not have an on-premises Active Directory (AD) deployment, and devices are connected and managed by using a combination of Entra ID and Jamf. Which two supported sources for identity are appropriate for this environment? (Choose two.)

Captive portal

User-ID agents configured for WMI client probing

GlobalProtect with an internal gateway deployment

Cloud Identity Engine synchronized with Entra ID

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A systems engineer (SE) is working with a customer that is fully cloud-deployed for all applications. The customer is interested in Palo Alto Networks NGFWs but describes the following challenges: "Our apps are in AWS and Azure, with whom we have contracts and minimum-revenue guarantees. We would use the built-in firewall on the cloud service providers (CSPs), but the need for centralized policy management to reduce human error is more important." Which recommendations should the SE make?

Cloud NGFWs at both CSPs; provide the customer a license for a Panorama virtual appliance from their CSP's marketplace of choice to centrally manage the systems.

Cloud NGFWs in AWS and VM-Series firewall in Azure; the customer selects a PAYG licensing Panorama deployment in their CSP of choice.

VM-Series firewalls in both CSPs; manually built Panorama in the CSP of choice on a host of either type: Palo Alto Networks provides a license.

VM-Series firewall and CN-Series firewall in both CSPs; provide the customer a private-offer Panorama virtual appliance from their CSP's marketplace of choice to centrally manage the systems.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A customer claims that Advanced WildFire miscategorized a file as malicious and wants proof, because another vendor has said that the file is benign. How could the systems engineer assure the customer that Advanced WildFire was accurate?

Review the threat logs for information to provide to the customer.

Use the WildFire Analysis Report in the log to show the customer the malicious actions the file took when it was detonated.

Open a TAG ticket for the customer and allow support engineers to determine the appropriate action.

Do nothing because the customer will realize Advanced WildFire is right.

4.

MULTIPLE SELECT QUESTION

30 sec • 1 pt

Which three known variables can assist with sizing an NGFW appliance? (Choose three.)

Connections per second

Max sessions

Packet replication

App-ID firewall throughput

Telemetry enabled

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which statement applies to the default configuration of a Palo Alto Networks NGFW?

Security profiles are applied to all policies by default, eliminating implicit trust of any data traversing the firewall.

The default policy action for intrazone traffic is deny, eliminating implicit trust within a security zone.

The default policy action allows all traffic unless explicitly denied.

The default policy action for interzone traffic is deny, eliminating implicit trust between security zones.

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company has multiple business units, each of which manages its own user directories and identity providers (IdPs) with different domain names. The company's network security team wants to deploy a shared GlobalProtect remote access service for all business units to authenticate users to each business unit's IdP. Which configuration will enable the network security team to authenticate GlobalProtect users to multiple SAML IdPs?

GlobalProtect with multiple authentication profiles for each SAML IdP

Multiple authentication mode Cloud Identity Engine authentication profile for use on the GlobalProtect portals and gateways

Authentication sequence that has multiple authentication profiles using different authentication methods

Multiple Cloud Identity Engine tenants for each business unit

7.

MULTIPLE SELECT QUESTION

30 sec • 1 pt

Device-ID can be used in which three policies? (Choose three.)

Security

Decryption

Policy-based forwarding (PBF)

SD-WAN

Quality of Service (QoS)

8.

MULTIPLE SELECT QUESTION

30 sec • 1 pt

The PAN-OS User-ID integrated agent is included with PAN-OS software and comes in which two forms? (Choose two.)

Integrated agent

GlobalProtect agent

Windows-based agent

Cloud Identity Engine (CIE)

9.

MULTIPLE SELECT QUESTION

30 sec • 1 pt

Which two actions can a systems engineer take to discover how Palo Alto Networks can bring value to a customer's business when they show interest in adopting Zero Trust? (Choose two.)

Ask the customer about their internal business flows, such as how their users interact with applications and data across the infrastructure.

Explain how Palo Alto Networks can place virtual NGFWs across the customer's network to ensure assets and traffic are seen and controlled.

Use the Zero Trust Roadshow package to demonstrate to the customer how robust Palo Alto Networks capabilities are in meeting Zero Trust.

Ask the customer about their approach to Zero Trust, explaining that it is a strategy more than it is something they purchase.

10.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A large global company plans to acquire 500 NGFWs to replace its legacy firewalls and has a specific requirement for centralized logging and reporting capabilities. What should a systems engineer recommend?

Combine Panorama for firewall management with Palo Alto Networks' cloud-based Strata Logging Service to offer scalability for the company's logging and reporting infrastructure.

Use Panorama for firewall management and to transfer logs from the 500 firewalls directly to a third-party SIEM for centralized logging and reporting.

Highlight the efficiency of PAN-OS, which employs AI to automatically extract critical logs and generate daily executive reports, and confirm that the purchase of 500 NGFWs is sufficient.

Deploy a pair of M-1000 log collectors in the customer data center, and route logs from all

Create a free account and access millions of resources

Popular Resources on Wayground

Discover more resources for Engineering