Which of the following is an appropriate first step for a customer interested in moving to Zero Trust?A . Ask administrators to switch on the Zero Trust options and features of their current products. B. Secure the funding required to incorporate the new architecture into their existing networks. C. Set priorities by identifying the...
Which feature allows a customer to gain visibility and respond to changes in user behavior or potential threats without manual policy changes?
Which feature allows a customer to gain visibility and respond to changes in user behavior or potential threats without manual policy changes?A . User-ID agent B. dynamic user groups (DUGs) C. Lightweight Directory Access Protocol (LDAP) sync D. dynamic address objects View Answer Answer: B...
Which section of a Security Lifecycle Review (SLR) report summarizes risk exposure by breaking down a detected attack on the network?
Which section of a Security Lifecycle Review (SLR) report summarizes risk exposure by breaking down a detected attack on the network?A . Advanced URL Filtering Analysis B. SaaSApplications C. Threats at a Glance D. Applications that Introduce Risk View Answer Answer: C...
Which architecture is unique to Palo Alto Networks and results in no additional performance overhead when enabling additional features?
Which architecture is unique to Palo Alto Networks and results in no additional performance overhead when enabling additional features?A . multi-pass B. multiple-core threaded C. single-pass D. no-pass View Answer Answer: C...
Which two deployment types are supported in this circumstance?
An administrator wants to deploy a pair of firewalls in an active/active high availability (HA) architecture. Which two deployment types are supported in this circumstance? (Choose two.)A . Layer 3 B. TAP mode C. Virtual Wire D. Layer 2 View Answer Answer: A,C Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClzkCAC https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/hamodes#id15a9d293-d220-431a-b616-bea9eedfdab2...
How does Cloud Identity Engine (CIE) simplify deployment of cloudbased services to provide user authentication?
How does Cloud Identity Engine (CIE) simplify deployment of cloudbased services to provide user authentication?A . It allows configuration of an authentication source once instead of for eachauthentication method. B. It expands the capability to filter and forward decrypted and non-decrypted Transport Layer Security (TLS) traffic. C. It ensures that a compromised master key...
Which two of the following are benefits of the Palo AltoNetworks Zero Trust architecture? (Choose two.)
Which two of the following are benefits of the Palo AltoNetworks Zero Trust architecture? (Choose two.)A . tighter access control B. increased detection of threats and infiltration C. more network segments D. cloud-based virtual private network (VPN) View Answer Answer: A,B...
Which Secure Sockets Layer (SSL) decryption method supported by Palo Alto Networks would allow the SOC to see this data?
The Security Operations Center (SOC) has noticed that a user has large amounts of data going to and coming from an external encrypted website. The SOC would like to identify the data being sent to and received from this website. Which Secure Sockets Layer (SSL) decryption method supported by Palo Alto Networks would allow...
Which architecture allows a Palo Alto Networks Next-Generation Firewall (NGFW) to achieve high performance with all security features enabled?
Which architecture allows a Palo Alto Networks Next-Generation Firewall (NGFW) to achieve high performance with all security features enabled?A . single-pass parallel processing B. dual-pass processing C. multi-core processing D. parallel-pass single processing View Answer Answer: A...
Which traffic will be blocked when application-default service is set on a Security policy?
Which traffic will be blocked when application-default service is set on a Security policy?A . SSH traffic on TCP/22 B. HTTPS traffic on TCP/443 C. HTTP traffic on TCP/81 D. DNS traffic on UDP/53 View Answer Answer: C...