- All Exams Instant Download
Which object should the administrator use as a match condition in the Security policy?
An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released. Which object should the administrator use as a match condition in the Security policy?A . the...
Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic?
Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic?A . Layer 3 B. Virtual Wire C. Tap D. Layer 2View AnswerAnswer: A
Which statement best describes a common use of Policy Optimizer?
Which statement best describes a common use of Policy Optimizer?A . Policy Optimizer on a VM-50 firewall can display which Layer 7 App-ID Security policies have unused applications. B. Policy Optimizer can add or change a Log Forwarding profile for each Security policy selected. C. Policy Optimizer can display which...
Which object would an administrator create to enable access to all applications in the office-programs subcategory?
Which object would an administrator create to enable access to all applications in the office-programs subcategory?A . application filter B. URL category C. HIP profile D. application groupView AnswerAnswer: A
Which firewall feature do you need to configure to query Palo Alto Networks service updates over a data-plane interface instead of the management interface?
Which firewall feature do you need to configure to query Palo Alto Networks service updates over a data-plane interface instead of the management interface?A . Data redistribution B. Dynamic updates C. SNMP setup D. Service routeView AnswerAnswer: D
What is considered best practice with regards to committing configuration changes?
What is considered best practice with regards to committing configuration changes?A . Disable the automatic commit feature that prioritizes content database installations before committing B. Validate configuration changes prior to committing C. Wait until all running and pending jobs are finished before committing D. Export configuration after each single configuration...
Why doesn't the administrator see the traffic?
An administrator is troubleshooting traffic that should match the interzone-default rule. However, the administrator doesn't see this traffic in the traffic logs on the firewall. The interzone-default was never changed from its default configuration. Why doesn't the administrator see the traffic?A . Traffic is being denied on the interzone-default policy....
Which type firewall configuration contains in-progress configuration changes?
Which type firewall configuration contains in-progress configuration changes?A . backup B. running C. candidate D. committedView AnswerAnswer: C
Which the app-ID application will you need to allow in your security policy to use facebook-chat?
Which the app-ID application will you need to allow in your security policy to use facebook-chat?A . facebook-email B. facebook-base C. facebook D. facebook-chatView AnswerAnswer: B,D
Which action would yield the information?
An administrator would like to determine the default deny action for the application dns-over-https Which action would yield the information?A . View the application details in beacon paloaltonetworks.com B. Check the action for the Security policy matching that traffic C. Check the action for the decoder in the antivirus profile...
