- All Exams Instant Download
Why are VM-Series firewall s and hardware firewall s that are external to the Kubernetes cluster problematic for protecting containerized workloads?
Why are VM-Series firewall s and hardware firewall s that are external to the Kubernetes cluster problematic for protecting containerized workloads?A . They are located outside the cluster and have no visibility into application-level cluster traffic.B . They do not scale independently of the Kubernetes cluster.C . They are managed...
When implementing active-active high availability (HA), which feature must be configured to allow the HA pair to share a single IP address that may be used as the network's gateway IP address?
When implementing active-active high availability (HA), which feature must be configured to allow the HA pair to share a single IP address that may be used as the network's gateway IP address?A . ARP load sharingB . Floating IP addressC . HSRPD . VRRPView AnswerAnswer: B
What is a benefit of network runtime security?
What is a benefit of network runtime security?A . It more narrowly focuses on one security area and requires careful customization, integration, and maintenance.B . It removes vulnerabilities that have been baked into containers.C . It is siloed to enhance workload security.D . It identifies unknown vulnerabilities that cannot be...
What Palo Alto Networks software firewall protects Amazon Web Services (AWS) deployments with network security delivered as a managed cloud service?
What Palo Alto Networks software firewall protects Amazon Web Services (AWS) deployments with network security delivered as a managed cloud service?A . VM-SeriesB . Cloud next-generation firewall (NGFW)C . CN-SeriesD . Ion-Series Ion-SeriesView AnswerAnswer: B
Which solution is best for securing an EKS environment?
Which solution is best for securing an EKS environment?A . VM-Series single hostB . CN-Series high availability (HA) pairC . PA-Series using load sharingD . API orchestrationView AnswerAnswer: B
Which PAN-OS feature allows for automated updates to address objects when VM-Series firewalls are setup as part of an NSX deployment?
Which PAN-OS feature allows for automated updates to address objects when VM-Series firewalls are setup as part of an NSX deployment?A . Boundary automationB . Hypervisor integrationC . BootstrappingD . Dynamic Address GroupView AnswerAnswer: D Explanation: Dynamic Address Group is the PAN-OS feature that allows for automated updates to address...
Which two subscriptions should be recommended to a customer who is deploying VM-Series firewalls to a private data center but is concerned about protecting data-center resources from malware and lateral movement? (Choose two.)
Which two subscriptions should be recommended to a customer who is deploying VM-Series firewalls to a private data center but is concerned about protecting data-center resources from malware and lateral movement? (Choose two.)A . Intelligent Traffic OffloadB . Threat PreventionC . WildFireD . SD-WANView AnswerAnswer: B, C Explanation: Threat Prevention...
Which two factors lead to improved return on investment for prospects interested in Palo Alto Networks virtualized next-generation firewalls (NGFWs)? (Choose two.)
Which two factors lead to improved return on investment for prospects interested in Palo Alto Networks virtualized next-generation firewalls (NGFWs)? (Choose two.)A . Decreased likelihood of data breachB . Reduced operational expendituresC . Reduced time to deployD . Reduced insurance premiumsView AnswerAnswer: A, C Explanation: The two factors that lead...
A CN-Series firewall can secure traffic between which elements?
A CN-Series firewall can secure traffic between which elements?A . Host containersB . Source applicationsC . ContainersD . IPodsView AnswerAnswer: C Explanation: Containers are the elements that a CN-Series firewall can secure traffic between. Containers are isolated units of software that run on a shared operating system and have their...
Which technology allows for granular control of east-west traffic in a software-defined network?
Which technology allows for granular control of east-west traffic in a software-defined network?A . RoutingB . MicroseqmentationC . MAC Access Control ListD . VirtualizationView AnswerAnswer: B Explanation: Microsegmentation is a technology that allows for granular control of east-west traffic in a software-defined network. Microsegmentation divides the network into smaller segments...
