You receive notification about a new malware that infects hosts An infection results in the infected host attempting to contact a command-and-control server Which Security Profile when applied to outbound Security policy rules detects and prevents this threat from establishing a command-and-control connection?

1. A. Antivirus Profile
2. B. Data Filtering Profile
3. C. Vulnerability Protection Profile
4. D. Anti-Spyware Profile

Correct Answer: D
Anti-Spyware Security Profiles block spyware on compromised hosts from trying to communicate with external command-and-control (C2) servers, thus enabling you to detect malicious traffic leaving the network from infected clients.

Assume a custom URL Category Object of "NO-FILES" has been created to identify a specific website
How can file uploading/downloading be restricted for the website while permitting general browsing access to that website?

1. A. Create a Security policy with a URL Filtering profile that references the site access setting of continue to NO-FILES
2. B. Create a Security policy with a URL Filtering profile that references the site access setting of block to NO-FILES
3. C. Create a Security policy that references NO-FILES as a URL Category qualifier, with an appropriate Data Filtering profile
4. D. Create a Security policy that references NO-FILES as a URL Category qualifier, with an appropriate File Blocking profile

Correct Answer: B

How can a complete overview of the logs be displayed to an administrator who has
permission in the system to view them?

1. A. Select the unified log entry in the side menu.
2. B. Modify the number of columns visible on the page
3. C. Modify the number of logs visible on each page.
4. D. Select the system logs entry in the side menu.

Correct Answer: A
The best way to view a complete overview of the logs is to select the unified log entry in the side menu. The unified log is a single view that displays all the logs generated by the firewall, such as traffic, threat, URL filtering, data filtering, and WildFire logs1. The unified log allows the administrator to filter, sort, and export the logs based on various criteria, such as time range, severity, source, destination, application, or action1.
Modifying the number of columns visible on the page or the number of logs visible on each page does not provide a complete overview of the logs, but only changes the display settings of the current log view. Selecting the system logs entry in the side menu does not show all the logs generated by the firewall, but only shows the logs related to system events, such as configuration changes, system alerts, or HA status2.
References:
1: View Logs - Palo Alto Networks 2: View and Manage Logs - Palo Alto Networks

Given the detailed log information above, what was the result of the firewall traffic inspection?

1. A. It was blocked by the Vulnerability Protection profile action.
2. B. It was blocked by the Anti-Virus Security profile action.
3. C. It was blocked by the Anti-Spyware Profile action.
4. D. It was blocked by the Security policy action.

Correct Answer: C

Which interface type can use virtual routers and routing protocols?

1. A. Tap
2. B. Layer3
3. C. Virtual Wire
4. D. Layer2

Correct Answer: B