- All Exams Instant Download
What must be taken into consideration when designing the device group structure?
An engineer is designing a deployment of multi-vsys firewalls. What must be taken into consideration when designing the device group structure?A . Multiple vsys and firewalls can be assigned to a device group, and a multi-vsys firewall must have all its vsys in a single device group. B. Only one...
In a Panorama template which three types of objects are configurable? (Choose three)
In a Panorama template which three types of objects are configurable? (Choose three)A . HIP objects B. QoS profiles C. interface management profiles D. certificate profiles E. security profilesView AnswerAnswer: A,C,E
Which User-ID mapping method should be used in a high-security environment where all IP address-to-user mappings should always be explicitly known?
Which User-ID mapping method should be used in a high-security environment where all IP address-to-user mappings should always be explicitly known?A . PAN-OS integrated User-ID agent B. GlobalProtect C. Windows-based User-ID agent D. LDAP Server Profile configurationView AnswerAnswer: B
What should the administrator do to allow the tool to scan through the firewall?
A system administrator runs a port scan using the company tool as part of vulnerability check. The administrator finds that the scan is identified as a threat and is dropped by the firewall. After further investigating the logs, the administrator finds that the scan is dropped in the Threat Logs....
Which certificate(s) need to be installed on the firewall to ensure that inspection is performed successfully?
An engineer is configuring SSL Inbound Inspection for public access to a company's application. Which certificate(s) need to be installed on the firewall to ensure that inspection is performed successfully?A . Self-signed CA and End-entity certificate B. Root CA and Intermediate CA(s) C. Self-signed certificate with exportable private key D....
Which two methods should be used to identify the dependent applications for the respective rule?
An administrator creates an application-based security policy rule and commits the change to the firewall. Which two methods should be used to identify the dependent applications for the respective rule? (Choose two.)A . Use the show predefined xpath <value> command and review the output. B. Review the App Dependency application...
Four configuration choices are listed, and each could be used to block access to a specific URL II you configured each choice to block the same URL, then which choice would be evaluated last in the processing order to block access to the URL1?
Four configuration choices are listed, and each could be used to block access to a specific URL II you configured each choice to block the same URL, then which choice would be evaluated last in the processing order to block access to the URL1?A . PAN-DB URL category in URL...
WildFire will submit for analysis blocked files that match which profile settings?
WildFire will submit for analysis blocked files that match which profile settings?A . files matching Anti-Spyware signatures B. files that are blocked by URL filtering C. files that are blocked by a File Blocking profile D. files matching Anti-Virus signaturesView AnswerAnswer: D
Given the screenshot, how did the firewall handle the traffic?
Given the screenshot, how did the firewall handle the traffic? A . Traffic was allowed by profile but denied by policy as a threat B. Traffic was allowed by policy but denied by profile as.. C. Traffic was allowed by policy but denied by profile as .. D. Traffic was...
Which configuration is backed up using the Scheduled Config Export feature in Panorama?
Which configuration is backed up using the Scheduled Config Export feature in Panorama?A . Panorama running configuration B. Panorama candidate configuration C. Panorama candidate configuration and candidate configuration of all managed devices D. Panorama running configuration and running configuration of all managed devicesView AnswerAnswer: D