- All Exams Instant Download
Which two Palo Alto Networks security management tools provide a consolidated creation of policies, centralized management and centralized threat intelligence. (Choose two.)
Which two Palo Alto Networks security management tools provide a consolidated creation of policies, centralized management and centralized threat intelligence. (Choose two.)A . GlobalProtectB . PanoramaC . ApertureD . AutoFocusView AnswerAnswer: B,D
Which statement is true regarding a Best Practice Assessment?
Which statement is true regarding a Best Practice Assessment?A . The BPA tool can be run only on firewallsB . It provides a percentage of adoption for each assessment dataC . The assessment, guided by an experienced sales engineer, helps determine the areas of greatest risk where you should focus...
What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?
What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?A . authentication sequenceB . LDAP server profileC . authentication server listD . authentication list profileView AnswerAnswer: A
Which prevention technique will prevent attacks based on packet count?
Which prevention technique will prevent attacks based on packet count?A . zone protection profileB . URL filtering profileC . antivirus profileD . vulnerability profileView AnswerAnswer: A
How is the hit count reset on a rule?
How is the hit count reset on a rule?A . select a security policy rule, right click Hit Count > ResetB . with a dataplane rebootC . Device > Setup > Logging and Reporting Settings > Reset Hit CountD . in the CLI, type command reset hitcount <POLICY-NAME>View AnswerAnswer: A
Given the topology, which zone type should interface E1/1 be configured with?
Given the topology, which zone type should interface E1/1 be configured with? A . TapB . TunnelC . Virtual WireD . Layer3View AnswerAnswer: A
Which security profile feature could have been used to prevent the communication with the CnC server?
The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data...
Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?
Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?A . GlobalProtectB . AutoFocusC . ApertureD . PanoramaView AnswerAnswer: A
What configuration-changes should the Firewall-admin make?
A server-admin in the USERS-zone requires SSH-access to all possible servers in all current and future Public Cloud environments. All other required connections have already been enabled between the USERS- and the OUTSIDE-zone. What configuration-changes should the Firewall-admin make?A . Create a custom-service-object called SERVICE-SSH for destination-port-TCP-22. Create a security-rule...
Complete the statement. A security profile can block or allow traffic____________
Complete the statement. A security profile can block or allow traffic____________A . on unknown-tcp or unknown-udp trafficB . after it is matched by a security policy that allows trafficC . before it is matched by a security policyD . after it is matched by a security policy that allows or...
