Q1. What are the benefits gained when the "Enable Passive DNS Monitoring" checkbox is chosen on the firewall? (Select all correct answers.)
A. Improved DNS-based C&C signatures.
B. Improved PAN-DB malware detection.
C. Improved BrightCloud malware detection.
D. Improved malware detection in WildFire.
Answer: A,B,D
Q2. WildFire Analysis Reports are available for the following operating systems. (Select all that apply.)
A. Windows XP
B. Windows 7
C. Windows 8
D. Mac OS X
Answer: A,B,C
Q3. In the following display, ethernet1/6 is configured with an interface management profile that allows ping with no restriction on the source address:
Given the following security policy rule base:
What is the result of a ping sent from an address on the Trust-L3 zone to the IP address of ethernet1/6?
A. The firewall will send an ICMP redirect message to the client.
B. The client will receive an ICMP "destination unreachable" packet.
C. The interface will respond.
D. The traffic will be dropped by the firewall.
Answer: D
Q4. A user is reporting that they cannot download a PDF file from the internet.
Which action will show whether the downloaded file has been blocked by a Security Profile?
A. Filter the Session Browser for all sessions from the user with the application "adobe".
B. Filter the System log for "Download Failed" messages.
C. Filter the Traffic logs for all traffic from the user that resulted in a Deny action.
D. Filter the Data Filtering logs for the user’s traffic and the name of the PDF file.
Answer: D
Q5. HOTSPOT
Assuming that the default antivirus profile is installed, match each decoder with its default action.
Answer options may be used more than once or not at all.
Answer:
Q6. Which of the following types of protection are available in DoS policy?
A. Session Limit, SYN Flood, UDP Flood
B. Session Limit, Port Scanning, Host Swapping, UDP Flood
C. Session Limit, SYN Flood, Host Swapping, UDP Flood
D. Session Limit, SYN Flood, Port Scanning, Host Swapping
Answer: A
Q7. HOTSPOT
Within a Zone Protection Profile, under the Reconnaissance Protection tab, there are several possible values for Action:
Match each Reconnaissance Protection Action to its description. Answer options may be used more than once or not at all.
Answer:
Q8. To properly configure DoS protection to limit the number of sessions individually from specific source IPs, you would configure a DoS Protection rule with the following characteristics:
A. Action: Protect, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured
B. Action: Deny, Aggregate Profile with "Resources Protection" configured
C. Action: Protect, Aggregate Profile with "Resources Protection" configured
D. Action: Deny, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured
Answer: A
Q9. Where in the firewall GUI can an administrator see how many sessions of web-browsing traffic have occurred in the last day?
A. Monitor->Session Browser
B. Monitor->App Scope->Summary
C. Objects->Applications->web-browsing
D. ACC->Application
Answer: D
Explanation:
Reference: http://www.newnet66.org/Support/Resources/Using-The-ACC.pdf
Q10. Which of the Dynamic Updates listed below are issued on a daily basis?
A. Global Protect
B. URL Filtering
C. Antivirus
D. Applications and Threats
Answer: B,C