Palo Alto Chapter 7-12 Test
with Complete Solutions
What is the maximum size of .EXE files uploaded from the Next Generation firewall to
WIldfire?
Select one:
a. Configurable up to 10 megabytes
b. Always 10 megabytes
c. Configurable up to 2 megabytes
d. Always 2 megabytes - Answer-a. Configurable up to 10 megabytes
Without a Wildfire subscription, which of the following files can be submitted by the Next
Generation Firewall to the hosted Wildfire virtualized sandbox? - Answer-b. PE files only
In the latest Next Generation firewall version, what is the shortest time that can be
configured on the firewall to check for Wildfire updates?
Select one:
a. 15 Minutes
b. 30 Minutes
c. 5 Minutes
d. 1 Hour - Answer-c. 5 Minutes
Which CLI command is used to verify successful file uploads to WildFire?
Select one:
a. debug wildfire download-log show
b. debug wildfire upload-log show
c. debug wildfire upload-threat show
d. debug wildfire upload-log - Answer-debug wildfire upload-log show
Which WildFire verdict indicates no security threat but might display obtrusive behavior?
Select one:
a. Malware
b. Grayware
c. Benign
d. Phishing - Answer-b. Grayware
True or False. If a file type is matched in the File Blocking Profile and WildFire Analysis
Profile, and if the File Blocking Profile action is set to "block," then the file is not
forwarded to WildFire.True or False. If a file type is matched in the File Blocking Profile
, and WildFire Analysis Profile, and if the File Blocking Profile action is set to "block," then
the file is not forwarded to WildFire.
Select one:
True
False - Answer-True
For the Palo Alto Networks Next Generation Firewall to access a Global Catalog server,
LDAP must be set to communicate with which port?
Select one:
a. 443
b. 3268
c. 636
d. 389 - Answer-b. 3268
Which WildFire verdict includes viruses, worms, trojans, remote access tools, rootkits,
and botnets?
Select one:
a. Grayware
b. Phishing
c. Malware
d. Benign - Answer-c. Malware
Which Palo alto Networks User-ID component runs on Microsoft and Citrix terminal
servers?
Select one:
a. Palo Alto Networks Terminal Services agent
b. Palo Alto Networks Firewall
c. PAN-OS Integrated User-ID agent
d. Windows-Based User-ID agent - Answer-a. Palo Alto Networks Terminal Services
agent
Which User-ID component and mapping method is recommended for web clients that
do not use the domain server?
Select one:
a. Terminal Services agent
b. GlobalProtect
c. Captive Portal
d. XML API - Answer-c. Captive Portal
Which port does the Palo Alto Networks Windows-based User-ID agent use by default?
Select one:
a. TCP port 80
b. TCP port 4125
c. TCP port 443
d. TCP port 5007 - Answer-d. TCP port 5007
with Complete Solutions
What is the maximum size of .EXE files uploaded from the Next Generation firewall to
WIldfire?
Select one:
a. Configurable up to 10 megabytes
b. Always 10 megabytes
c. Configurable up to 2 megabytes
d. Always 2 megabytes - Answer-a. Configurable up to 10 megabytes
Without a Wildfire subscription, which of the following files can be submitted by the Next
Generation Firewall to the hosted Wildfire virtualized sandbox? - Answer-b. PE files only
In the latest Next Generation firewall version, what is the shortest time that can be
configured on the firewall to check for Wildfire updates?
Select one:
a. 15 Minutes
b. 30 Minutes
c. 5 Minutes
d. 1 Hour - Answer-c. 5 Minutes
Which CLI command is used to verify successful file uploads to WildFire?
Select one:
a. debug wildfire download-log show
b. debug wildfire upload-log show
c. debug wildfire upload-threat show
d. debug wildfire upload-log - Answer-debug wildfire upload-log show
Which WildFire verdict indicates no security threat but might display obtrusive behavior?
Select one:
a. Malware
b. Grayware
c. Benign
d. Phishing - Answer-b. Grayware
True or False. If a file type is matched in the File Blocking Profile and WildFire Analysis
Profile, and if the File Blocking Profile action is set to "block," then the file is not
forwarded to WildFire.True or False. If a file type is matched in the File Blocking Profile
, and WildFire Analysis Profile, and if the File Blocking Profile action is set to "block," then
the file is not forwarded to WildFire.
Select one:
True
False - Answer-True
For the Palo Alto Networks Next Generation Firewall to access a Global Catalog server,
LDAP must be set to communicate with which port?
Select one:
a. 443
b. 3268
c. 636
d. 389 - Answer-b. 3268
Which WildFire verdict includes viruses, worms, trojans, remote access tools, rootkits,
and botnets?
Select one:
a. Grayware
b. Phishing
c. Malware
d. Benign - Answer-c. Malware
Which Palo alto Networks User-ID component runs on Microsoft and Citrix terminal
servers?
Select one:
a. Palo Alto Networks Terminal Services agent
b. Palo Alto Networks Firewall
c. PAN-OS Integrated User-ID agent
d. Windows-Based User-ID agent - Answer-a. Palo Alto Networks Terminal Services
agent
Which User-ID component and mapping method is recommended for web clients that
do not use the domain server?
Select one:
a. Terminal Services agent
b. GlobalProtect
c. Captive Portal
d. XML API - Answer-c. Captive Portal
Which port does the Palo Alto Networks Windows-based User-ID agent use by default?
Select one:
a. TCP port 80
b. TCP port 4125
c. TCP port 443
d. TCP port 5007 - Answer-d. TCP port 5007
