Which two objects are configurable?

An administrator is configuring a Panorama device group Which two objects are configurable? (Choose two)A . DNS Proxy B. Address groups C. SSL/TLS roles D. URL Filtering profilesView AnswerAnswer: B,D Explanation: URL filtering is a feature in Palo Alto Networks firewalls that allows administrators to block access to specific URLs...

June 1, 2023 No Comments READ MORE +

When an in-band data port is set up to provide access to required services, what is required for an interface that is assigned to service routes?

When an in-band data port is set up to provide access to required services, what is required for an interface that is assigned to service routes?A . The interface must be used for traffic to the required services B. You must enable DoS and zone protection C. You must set...

June 1, 2023 No Comments READ MORE +

Which two configurations should you check on the firewall?

A firewall should be advertising the static route 10.2.0.0/24 Into OSPF. The configuration on the neighbor is correct, but the route is not in the neighbor's routing table. Which two configurations should you check on the firewall? (Choose two.)A . In the OSFP configuration, ensure that the correct redistribution profile...

June 1, 2023 No Comments READ MORE +

Where would the administrator go to edit a template variable at the device level?

An administrator needs to assign a specific DNS server to one firewall within a device group. Where would the administrator go to edit a template variable at the device level?A . Variable CSV export under Panorama > templates B. PDF Export under Panorama > templates C. Manage variables under Panorama...

May 31, 2023 No Comments READ MORE +

This issue is occurring because forwarding of which type of logs from the firewalls to Panorama is missing?

In an existing deployment, an administrator with numerous firewalls and Panorama does not see any WildFire logs in Panorama. Each firewall has an active WildFire subscription On each firewall. WildFire togs are available. This issue is occurring because forwarding of which type of logs from the firewalls to Panorama is...

May 31, 2023 No Comments READ MORE +

Which two methods should be used to identify the dependent applications for the respective rule?

An administrator creates an application-based security policy rule and commits the change to the firewall. Which two methods should be used to identify the dependent applications for the respective rule? (Choose two.)A . Use the show predefined xpath <value> command and review the output. B. Review the App Dependency application...

May 31, 2023 No Comments READ MORE +

Which of the following statements is a best practice for SSL decryption?

An engineer is planning an SSL decryption implementation Which of the following statements is a best practice for SSL decryption?A . Use the same Forward Trust certificate on all firewalls in the network. B. Obtain a certificate from a publicly trusted root CA for the Forward Trust certificate. C. Obtain...

May 31, 2023 No Comments READ MORE +

Given the screenshot, how did the firewall handle the traffic?

Given the screenshot, how did the firewall handle the traffic? A . Traffic was allowed by profile but denied by policy as a threat B. Traffic was allowed by policy but denied by profile as.. C. Traffic was allowed by policy but denied by profile as .. D. Traffic was...

May 31, 2023 No Comments READ MORE +

Which three components are necessary for inspecting the HTTPS traffic as it enters the firewall?

A network security administrator wants to configure SSL inbound inspection. Which three components are necessary for inspecting the HTTPS traffic as it enters the firewall? (Choose three.)A . An SSL/TLS Service profile B. The web server's security certificate with the private key C. A Decryption profile D. A Decryption policy...

May 31, 2023 No Comments READ MORE +

Which troubleshooting command should the engineer use to work around this issue?

An engineer receives reports from users that applications are not working and that websites are only partially loading in an asymmetric environment. After investigating, the engineer observes the flow_tcp_non_syn_drop counter increasing in the show counters global output. Which troubleshooting command should the engineer use to work around this issue?A ....

May 31, 2023 No Comments READ MORE +