If a universal security rule was created for source zones A & B and destination zones A & B, to which traffic would the rule apply?
If a universal security rule was created for source zones A & B and destination zones A & B, to which traffic would the rule apply?A . Some traffic between A & B B. Some traffic within A C. All traffic within zones A & B D. Some traffic within...
What are three factors that can be used in domain generation algorithms? (Choose three.)
What are three factors that can be used in domain generation algorithms? (Choose three.)A . cryptographic keys B. time of day C. other unique values D. URL custom categories E. IP addressView AnswerAnswer: ABC Explanation: Domain generation algorithms (DGAs) are used to auto-generate domains, typically in large numbers within the...
When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?
When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None? A . Translation Type B. Interface C. Address Type D. IP AddressView AnswerAnswer: A
Which object should the administrator use as a match condition in the Security policy?
An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released. Which object should the administrator use as a match condition in the Security policy?A . the...
What is the maximum number of entries that they can be excluded?
An administrator is trying to enforce policy on some (but not all) of the entries in an external dynamic list. What is the maximum number of entries that they can be excluded?A . 50 B. 100 C. 200 D. 1,000View AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/exclude-entries-from-an-external-dynamic-list
Which three filter columns are available when setting up an Application Filter? (Choose three.)
Which three filter columns are available when setting up an Application Filter? (Choose three.)A . Parent App B. Category C. Risk D. Standard Ports E. SubcategoryView AnswerAnswer: BCE Explanation: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-application-filters
When creating a custom URL category object, which is a valid type?
When creating a custom URL category object, which is a valid type?A . domain match B. host names C. wildcard D. category matchView AnswerAnswer: D Explanation: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-web-interface-help/objects/objects-custom-objects-url-category.html
Which Security profile must be added to Security policies to enable DNS Signatures to be checked?
Which Security profile must be added to Security policies to enable DNS Signatures to be checked?A . URL Filtering B. Vulnerability Protection C. Anti-Spyware D. AntivirusView AnswerAnswer: C Explanation: In addition, you can enable the DNS sinkholing action in Anti-Spyware profiles to enable the firewall to forge a response to...
A Security Profile can block or allow traffic at which point?
A Security Profile can block or allow traffic at which point?A . after it is matched to a Security policy rule that allows traffic B. on either the data plane or the management plane C. after it is matched to a Security policy rule that allows or blocks traffic D....
Which two statements are true for the DNS Security service introduced in PAN-OS version 10.0?
Which two statements are true for the DNS Security service introduced in PAN-OS version 10.0? (Choose two.)A . It is automatically enabled and configured. B. It eliminates the need for dynamic DNS updates. C. It functions like PAN-DB and requires activation through the app portal. D. It removes the 100K...