Which dynamic role does the administrator assign to the new-hire colleague?
An administrator wants to grant read-only access to all firewall settings, except administrator accounts, to a new-hire colleague in the IT department. Which dynamic role does the administrator assign to the new-hire colleague?A . Device administrator (read-only) B. System administrator (read-only) C. Firewall administrator (read-only) D. Superuser (read-only)View AnswerAnswer: D
Which type of policy in Palo Alto Networks firewalls can use Device-ID as a match condition?
Which type of policy in Palo Alto Networks firewalls can use Device-ID as a match condition?A . NAT B. DOS protection C. QoS D. Tunnel inspectionView AnswerAnswer: A
Which dynamic role does the administrator assign to the new-hire colleague?
An administrator wants to grant read-only access to all firewall settings, except administrator accounts, to a new-hire colleague in the IT department. Which dynamic role does the administrator assign to the new-hire colleague?A . Device administrator (read-only) B. System administrator (read-only) C. Firewall administrator (read-only) D. Superuser (read-only)View AnswerAnswer: A
Which time determines how long the passive firewall will wait before taking over as the active firewall alter losing communications with the HA peer?
Which time determines how long the passive firewall will wait before taking over as the active firewall alter losing communications with the HA peer? A . Heartbeat Interval B. Additional Master Hold Up Time C. Promotion Hold Time D. Monitor Fall Hold Up TimeView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/high-availability/ha-concepts/ha-timers
The UDP-4501 protocol-port is used between which two GlobalProtect components?
The UDP-4501 protocol-port is used between which two GlobalProtect components?A . GlobalProtect app and GlobalProtect gateway B. GlobalProtect portal and GlobalProtect gateway C. GlobalProtect app and GlobalProtect satellite D. GlobalProtect app and GlobalProtect portalView AnswerAnswer: A Explanation: UDP 4501 Used for IPSec tunnel connections between GlobalProtect apps and gateways. https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/firewall-administration/reference-port-number-usage/ports-used-for-globalprotect.html
Which profile should be configured in order to achieve this?
A company requires that a specific set of ciphers be used when remotely managing their Palo Alto Networks appliances. Which profile should be configured in order to achieve this?A . SSH Service profile B. SSL/TLS Service profile C. Decryption profile D. Certificate profileView AnswerAnswer: A
What must be taken into consideration when designing the device group structure?
An engineer is designing a deployment of multi-vsys firewalls. What must be taken into consideration when designing the device group structure?A . Multiple vsys and firewalls can be assigned to a device group, and a multi-vsys firewall must have all its vsys in a single device group. B. Only one...
Which GlobalProtect gateway selling is required to enable split-tunneling by access route, destination domain, and application?
Which GlobalProtect gateway selling is required to enable split-tunneling by access route, destination domain, and application?A . No Direct Access to local networks B. Tunnel mode C. iPSec mode D. Satellite modeView AnswerAnswer: B Explanation: To enable split-tunneling by access route, destination domain, and application, you need to configure a...
An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications QoS natively integrates with which feature to provide service quality?
An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications QoS natively integrates with which feature to provide service quality?A . certificate revocation B. Content-ID C. App-ID8 9 B D. port inspectionView AnswerAnswer: C Explanation: QoS natively integrates with App-ID, which is a feature that identifies applications...
What is a key step in implementing WildFire best practices?
What is a key step in implementing WildFire best practices?A . In a mission-critical network, increase the WildFire size limits to the maximum value. B. Configure the firewall to retrieve content updates every minute. C. In a security-first network, set the WildFire size limits to the minimum value. D. Ensure...