- All Exams Instant Download
Which type of role-based access is most appropriate for this project?
A superuser is tasked with creating administrator accounts for three contractors. For compliance purposes, all three contractors will be working with different device-groups in their hierarchy to deploy policies and objects. Which type of role-based access is most appropriate for this project?A . Create a Dynamic Admin with the Panorama...
The following objects and policies are defined in a device group hierarchy
The following objects and policies are defined in a device group hierarchy A) B) C) Address Objects -Shared Address 1 -Branch Address2 Policies -Shared Polic1 l -Branch Policyl D) Address Objects -Shared Addressl -Shared Address2 -Branch Addressl Policies -Shared Policyl -Shared Policy2 -Branch PolicylA . Option AB . Option BC...
A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents over HTTP(S). Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.
A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents...
Which CLI command displays the physical media that are connected to ethernetl/8?
Which CLI command displays the physical media that are connected to ethernetl/8?A . > show system state filter-pretty sys.si.p8.statsB . > show interface ethernetl/8C . > show system state filter-pretty sys.sl.p8.phyD . > show system state filter-pretty sys.si.p8.medView AnswerAnswer: D
What are the two behavior differences between Highlight Unused Rules and the Rule Usage Hit counter when a firewall is rebooted? (Choose two.)
What are the two behavior differences between Highlight Unused Rules and the Rule Usage Hit counter when a firewall is rebooted? (Choose two.)A . Rule Usage Hit counter will not be resetB . Highlight Unused Rules will highlight all rules.C . Highlight Unused Rules will highlight zero rules.D . Rule...
What needs to be updated first?
An administrator wants to upgrade an NGFW from PAN-OS® 9.0 to PAN-OS® 10.0. The firewall is not a part of an HA pair . What needs to be updated first?A . XML AgentB . Applications and ThreatsC . WildFireD . PAN-OS® Upgrade AgentView AnswerAnswer: B Explanation: https://www.paloaltonetworks.com/documentation/80/pan-os/newfeaturesguide/upgrade-to-pan-os-80/upgrade-the-firewall-to-pan-os-80/upgrade-a-firewall-to-pan-os-80
Which action disables Zero Touch Provisioning (ZTP) functionality on a ZTP firewall during the onboarding process?
Which action disables Zero Touch Provisioning (ZTP) functionality on a ZTP firewall during the onboarding process?A . performing a local firewall commitB . removing the firewall as a managed device in PanoramaC . performing a factory reset of the firewallD . removing the Panorama serial number from the ZTP serviceView...
Place the steps in the WildFire process workflow in their correct order
DRAG DROP Place the steps in the WildFire process workflow in their correct order. View AnswerAnswer: Explanation: Timeline Description automatically generated https://docs.paloaltonetworks.com/wildfire/9-1/wildfire-admin/wildfire-overview/about-wildfire.html
What are two characteristic types that can be defined for a variable? (Choose two)
What are two characteristic types that can be defined for a variable? (Choose two)A . zoneB . FQDNC . path groupD . IP netmaskView AnswerAnswer: B,D Explanation: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interface-help/panorama-web-interface/panorama-templates/panorama-templates-template-variable.html
Which value in the Application column indicates UDP traffic that did not match an App-ID signature?
Which value in the Application column indicates UDP traffic that did not match an App-ID signature?A . not-applicableB . incompleteC . unknown-ipD . unknown-udpView AnswerAnswer: D Explanation: To safely enable applications you must classify all traffic, across all ports, all the time. With App-ID, the only applications that are typically...
