- All Exams Instant Download
Before you upgrade a Palo Alto Networks NGFW, what must you do?
Before you upgrade a Palo Alto Networks NGFW, what must you do?A . Make sure that the PAN-OS support contract is valid for at least another year B. Export a device state of the firewall C. Make sure that the firewall is running a version of antivirus software and a...
What is a common obstacle for decrypting traffic from guest devices?
An organization wishes to roll out decryption but gets some resistance from engineering leadership regarding the guest network. What is a common obstacle for decrypting traffic from guest devices?A . Guest devices may not trust the CA certificate used for the forward untrust certificate. B. Guests may use operating systems...
Where is information about packet buffer protection logged?
Where is information about packet buffer protection logged?A . Alert entries are in the Alarms log. Entries for dropped traffic, discarded sessions, and blocked IP address are in the Threat log B. All entries are in the System log C. Alert entries are in the System log. Entries for dropped...
When configuring forward error correction (FEC) for PAN-OS SD-WAN, an administrator would turn on the feature inside which type of SD-WAN profile?
When configuring forward error correction (FEC) for PAN-OS SD-WAN, an administrator would turn on the feature inside which type of SD-WAN profile?A . Certificate profile B. Path Quality profile C. SD-WAN Interface profile D. Traffic Distribution profileView AnswerAnswer: C
Given the information, what is the best choice for deploying User-ID to ensure maximum coverage?
A network security administrator has an environment with multiple forms of authentication. There is a network access control system in place that authenticates and restricts access for wireless users, multiple Windows domain controllers, and an MDM solution for company-provided smartphones. All of these devices have their authentication events logged. Given...
Place the steps in the WildFire process workflow in their correct order
DRAG DROP Place the steps in the WildFire process workflow in their correct order. View AnswerAnswer: Explanation: Timeline Description automatically generated https://docs.paloaltonetworks.com/wildfire/9-1/wildfire-admin/wildfire-overview/about-wildfire.html
What must be configured in order to select users and groups for those rules from Panorama?
An administrator needs to build Security rules in a Device Group that allow traffic to specific users and groups defined in Active Directory What must be configured in order to select users and groups for those rules from Panorama?A . The Security rules must be targeted to a firewall in...
What command should be used?
An engineer needs to see how many existing SSL decryption sessions are traversing a firewall What command should be used?A . show dataplane pool statistics I match proxy B. debug dataplane pool statistics I match proxy C. debug sessions I match proxy D. show sessions allView AnswerAnswer: B
What are two best practices for incorporating new and modified App-IDs? (Choose two)
What are two best practices for incorporating new and modified App-IDs? (Choose two)A . Configure a security policy rule to allow new App-lDs that might have network-wide impact B. Study the release notes and install new App-IDs if they are determined to have low impact C. Perform a Best Practice...
What are two common reasons to use a "No Decrypt" action to exclude traffic from SSL decryption? (Choose two.)
What are two common reasons to use a "No Decrypt" action to exclude traffic from SSL decryption? (Choose two.)A . the website matches a category that is not allowed for most users B. the website matches a high-risk category C. the web server requires mutual authentication D. the website matches...
