- All Exams Instant Download
Which Security policy rule type should they use?
An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone The administrator does not want to allow traffic between the DMZ and LAN zones. Which Security policy rule type should they use?A...
Which two fields could help in determining if this is normal?
An administrator is investigating a log entry for a session that is allowed and has the end reason of aged-out. Which two fields could help in determining if this is normal? (Choose two.)A . Packets sent/received B. IP Protocol C. Action D. DecryptedView AnswerAnswer: B,D
At a minimum, which three forms of information are required?
An administrator is configuring a NAT rule At a minimum, which three forms of information are required? (Choose three.)A . name B. source zone C. destination interface D. destination address E. destination zoneView AnswerAnswer: B,D,E
An address object of type IP Wildcard Mask can be referenced in which part of the configuration?
An address object of type IP Wildcard Mask can be referenced in which part of the configuration?A . Security policy rule B. ACC global filter C. external dynamic list D. NAT address poolView AnswerAnswer: A Explanation: You can use an address object of type IP Wildcard Mask only in a...
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)A . SAML B. TACACS+ C. LDAP D. KerberosView AnswerAnswer: A,B Explanation: Reference: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-authentication.html The administrative accounts are defined on an external SAML, TACACS+, or RADIUS server. The server performs both...
Which command in Device > Setup > Operations would provide the most operationally efficient way to accomplish this?
After making multiple changes to the candidate configuration of a firewall, the administrator would like to start over with a candidate configuration that matches the running configuration. Which command in Device > Setup > Operations would provide the most operationally efficient way to accomplish this?A . Import named config snapshot...
Place the steps in the correct packet-processing order of operations
DRAG DROP Place the steps in the correct packet-processing order of operations. View AnswerAnswer: Explanation: Text, application, table Description automatically generated with medium confidence
What are three Palo Alto Networks best practices when implementing the DNS Security Service? (Choose three.)
What are three Palo Alto Networks best practices when implementing the DNS Security Service? (Choose three.)A . Implement a threat intel program. B. Configure a URL Filtering profile. C. Train your staff to be security aware. D. Rely on a DNS resolver. E. Plan for mobile-employee riskView AnswerAnswer: A,B,D
Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?
Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?A . Windows-based agent deployed on the internal network B. PAN-OS integrated agent deployed on the internal network C. Citrix terminal server deployed on the internal network D. Windows-based...
What command in Device > Setup > Operations would provide the most operationally efficient way to achieve this outcome?
Prior to a maintenance-window activity, the administrator would like to make a backup of only the running configuration to an external location. What command in Device > Setup > Operations would provide the most operationally efficient way to achieve this outcome?A . save named configuration snapshot B. export device state...
