- All Exams Instant Download
How can this be achieved?
A company is deploying User-ID in their network. The firewall learn needs to have the ability to see and choose from a list of usernames and user groups directly inside the Panorama policies when creating new security rules How can this be achieved?A . By configuring Data Redistribution Client in...
Which mechanism determines how the firewall chooses which route to use?
The same route appears in the routing table three times using three different protocols Which mechanism determines how the firewall chooses which route to use?A . Administrative distance B. Round Robin load balancing C. Order in the routing table D. MetricView AnswerAnswer: A Explanation: Administrative distance is the measure of...
What are the next steps to migrate configuration from the firewalls to Panorama?
A company with already deployed Palo Alto firewalls has purchased their first Panorama server. The security team has already configured all firewalls with the Panorama IP address and added all the firewall serial numbers in Panorama. What are the next steps to migrate configuration from the firewalls to Panorama?A ....
Which two statements correctly describe Session 380280? (Choose two.)
Which two statements correctly describe Session 380280? (Choose two.) A . The session went through SSL decryption processing. B. The session has ended with the end-reason unknown. C. The application has been identified as web-browsing. D. The session did not go through SSL decryption processing.View AnswerAnswer: A,C
What two methods can be used to pull this data from third party proxies?
An engineer needs to collect User-ID mappings from the company's existing proxies. What two methods can be used to pull this data from third party proxies? (Choose two.)A . Syslog B. XFF Headers C. Client probing D. Server MonitoringView AnswerAnswer: A,B
What must be taken into consideration when designing the device group structure?
An engineer is designing a deployment of multi-vsys firewalls. What must be taken into consideration when designing the device group structure?A . Multiple vsys and firewalls can be assigned to a device group, and a multi-vsys firewall must have all its vsys in a single device group. B. Only one...
In a Panorama template which three types of objects are configurable? (Choose three)
In a Panorama template which three types of objects are configurable? (Choose three)A . HIP objects B. QoS profiles C. interface management profiles D. certificate profiles E. security profilesView AnswerAnswer: A,C,E
Which User-ID mapping method should be used in a high-security environment where all IP address-to-user mappings should always be explicitly known?
Which User-ID mapping method should be used in a high-security environment where all IP address-to-user mappings should always be explicitly known?A . PAN-OS integrated User-ID agent B. GlobalProtect C. Windows-based User-ID agent D. LDAP Server Profile configurationView AnswerAnswer: B
What should the administrator do to allow the tool to scan through the firewall?
A system administrator runs a port scan using the company tool as part of vulnerability check. The administrator finds that the scan is identified as a threat and is dropped by the firewall. After further investigating the logs, the administrator finds that the scan is dropped in the Threat Logs....
Which certificate(s) need to be installed on the firewall to ensure that inspection is performed successfully?
An engineer is configuring SSL Inbound Inspection for public access to a company's application. Which certificate(s) need to be installed on the firewall to ensure that inspection is performed successfully?A . Self-signed CA and End-entity certificate B. Root CA and Intermediate CA(s) C. Self-signed certificate with exportable private key D....
