- All Exams Instant Download
Which administrative authentication method supports authorization by an external service?
Which administrative authentication method supports authorization by an external service?A . CertificatesB . LDAPC . RADIUSD . SSH keysView AnswerAnswer: C
Which DoS protection mechanism detects and prevents session exhaustion attacks?
Which DoS protection mechanism detects and prevents session exhaustion attacks?A . Packet Based Attack ProtectionB . Flood ProtectionC . Resource ProtectionD . TCP Port Scan ProtectionView AnswerAnswer: C Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/dos-protection-profiles
Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?
Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?A . checkB . findC . testD . simView AnswerAnswer: C Explanation: Reference: http://www.shanekillen.com/2014/02/palo-alto-useful-cli-commands.html
Which operation will impact the performance of the management plane?
Which operation will impact the performance of the management plane?A . WildFire SubmissionsB . DoS ProtectionC . decrypting SSL SessionsD . Generating a SaaS Application Report.View AnswerAnswer: D Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClSvCAK Decrypting SSL Sessions is a dataplane task.DoS Protection is a Dataplane task. Wildfire submissions is a Dataplane task. Generating a...
Which User-ID mapping solution will map multiple users who are using Citrix to connect to the network and access resources?
An administrator has users accessing network resources through Citrix XenApp 7 x. Which User-ID mapping solution will map multiple users who are using Citrix to connect to the network and access resources?A . Client ProbingB . Terminal Services agentC . GlobalProtectD . Syslog MonitoringView AnswerAnswer: C
Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS® software?
Which method does an administrator use to integrate all non-native MFA platforms in PAN-OSĀ® software?A . OktaB . DUOC . RADIUSD . PingIDView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/authentication/authentication-types/multi-factor-authentication
What are the two behavior differences between Highlight Unused Rules and the Rule Usage Hit counter when a firewall is rebooted? (Choose two.)
What are the two behavior differences between Highlight Unused Rules and the Rule Usage Hit counter when a firewall is rebooted? (Choose two.)A . Rule Usage Hit counter will not be resetB . Highlight Unused Rules will highlight all rules.C . Highlight Unused Rules will highlight zero rules.D . Rule...
Which feature can provide NGFWs with User-ID mapping information?
Which feature can provide NGFWs with User-ID mapping information?A . Web CaptchaB . Native 802.1q authenticationC . GlobalProtectD . Native 802.1x authenticationView AnswerAnswer: C
Which two options enable the administrator to troubleshoot this issue?
An administrator has enabled OSPF on a virtual router on the NGFW. OSPF is not adding new routes to the virtual router. Which two options enable the administrator to troubleshoot this issue? (Choose two.)A . View Runtime Stats in the virtual router.B . View System logs.C . Add a redistribution...
How would an administrator configure the interface to 1Gbps?
A speed/duplex negotiation mismatch is between the Palo Alto Networks management port and the switch port which it connects. How would an administrator configure the interface to 1Gbps?A . set deviceconfig interface speed-duplex 1Gbps-full-duplexB . set deviceconfig system speed-duplex 1Gbps-duplexC . set deviceconfig system speed-duplex 1Gbps-full-duplexD . set deviceconfig Interface...
