- All Exams Instant Download
What are two valid selections within an Antivirus profile? (Choose two.)
What are two valid selections within an Antivirus profile? (Choose two.)A . deny B. drop C. default D. block-ipView AnswerAnswer: B,C
Which data flow direction is protected in a zero trust firewall deployment that is not protected in a perimeter-only firewall deployment?
Which data flow direction is protected in a zero trust firewall deployment that is not protected in a perimeter-only firewall deployment?A . outbound B. north south C. inbound D. east westView AnswerAnswer: D
Which Security policy match condition would an administrator use to block traffic from IP addresses on the Palo Alto Networks EDL of Known Malicious IP Addresses list?
Which Security policy match condition would an administrator use to block traffic from IP addresses on the Palo Alto Networks EDL of Known Malicious IP Addresses list?A . destination address B. source address C. destination zone D. source zoneView AnswerAnswer: B Explanation: Reference: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/external-dynamic-list.html
Which action related to App-ID updates will enable a security administrator to view the existing security policy rule that matches new application signatures?
Which action related to App-ID updates will enable a security administrator to view the existing security policy rule that matches new application signatures?A . Review Policies B. Review Apps C. Pre-analyze D. Review App MatchesView AnswerAnswer: A Explanation: References: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/app-id/manage-new-app-ids-introduced-incontent-releases/review-new-app-id-impact-on- existing-policy-rules
URL categories can be used as match criteria on which two policy types? (Choose two.)
URL categories can be used as match criteria on which two policy types? (Choose two.)A . authentication B. decryption C application override C. NATView AnswerAnswer: A,B Explanation: Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/url-filtering/url-filtering-concepts/url-category-as-policy-match-criteria.html
What must be considered with regards to content updates deployed from Panorama?
What must be considered with regards to content updates deployed from Panorama?A . Content update schedulers need to be configured separately per device group. B. Panorama can only install up to five content versions of the same type for potential rollback scenarios. C. A PAN-OS upgrade resets all scheduler configurations...
Which type of single unified engine will get this result?
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?A . User-ID B. App-ID C. Security Processing Engine D. Content-IDView AnswerAnswer: A
Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.)
Given the scenario, which two statements are correct regarding multiple static default routes? (Choose two.) A . Path monitoring does not determine if route is useable B. Route with highest metric is actively used C. Path monitoring determines if route is useable D. Route with lowest metric is actively usedView...
Complete the statement. A security profile can block or allow traffic____________
Complete the statement. A security profile can block or allow traffic____________A . on unknown-tcp or unknown-udp traffic B. after it is matched by a security policy that allows traffic C. before it is matched by a security policy D. after it is matched by a security policy that allows or...
What is the most appropriate NAT policy to achieve this?
An administrator wants to create a NAT policy to allow multiple source IP addresses to be translated to the same public IP address . What is the most appropriate NAT policy to achieve this?A . Dynamic IP and Port B. Dynamic IP C. Static IP D. DestinationView AnswerAnswer: A
