If a universal security rule was created for source zones A & B and destination zones A & B, to which traffic would the rule apply?

If a universal security rule was created for source zones A & B and destination zones A & B, to which traffic would the rule apply?A . Some traffic between A & B B. Some traffic within A C. All traffic within zones A & B D. Some traffic within...

July 12, 2023No CommentsREAD MORE +

What are three factors that can be used in domain generation algorithms? (Choose three.)

What are three factors that can be used in domain generation algorithms? (Choose three.)A . cryptographic keys B. time of day C. other unique values D. URL custom categories E. IP addressView AnswerAnswer: ABC Explanation: Domain generation algorithms (DGAs) are used to auto-generate domains, typically in large numbers within the...

July 12, 2023No CommentsREAD MORE +

When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None? A . Translation Type B. Interface C. Address Type D. IP AddressView AnswerAnswer: A

July 12, 2023No CommentsREAD MORE +

Which object should the administrator use as a match condition in the Security policy?

An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released. Which object should the administrator use as a match condition in the Security policy?A . the...

July 11, 2023No CommentsREAD MORE +

What is the maximum number of entries that they can be excluded?

An administrator is trying to enforce policy on some (but not all) of the entries in an external dynamic list. What is the maximum number of entries that they can be excluded?A . 50 B. 100 C. 200 D. 1,000View AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/exclude-entries-from-an-external-dynamic-list

July 11, 2023No CommentsREAD MORE +

Which three filter columns are available when setting up an Application Filter? (Choose three.)

Which three filter columns are available when setting up an Application Filter? (Choose three.)A . Parent App B. Category C. Risk D. Standard Ports E. SubcategoryView AnswerAnswer: BCE Explanation: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-application-filters

July 11, 2023No CommentsREAD MORE +

When creating a custom URL category object, which is a valid type?

When creating a custom URL category object, which is a valid type?A . domain match B. host names C. wildcard D. category matchView AnswerAnswer: D Explanation: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-web-interface-help/objects/objects-custom-objects-url-category.html

July 11, 2023No CommentsREAD MORE +

Which Security profile must be added to Security policies to enable DNS Signatures to be checked?

Which Security profile must be added to Security policies to enable DNS Signatures to be checked?A . URL Filtering B. Vulnerability Protection C. Anti-Spyware D. AntivirusView AnswerAnswer: C Explanation: In addition, you can enable the DNS sinkholing action in Anti-Spyware profiles to enable the firewall to forge a response to...

July 11, 2023No CommentsREAD MORE +

A Security Profile can block or allow traffic at which point?

A Security Profile can block or allow traffic at which point?A . after it is matched to a Security policy rule that allows traffic B. on either the data plane or the management plane C. after it is matched to a Security policy rule that allows or blocks traffic D....

July 11, 2023No CommentsREAD MORE +

Which two statements are true for the DNS Security service introduced in PAN-OS version 10.0?

Which two statements are true for the DNS Security service introduced in PAN-OS version 10.0? (Choose two.)A . It is automatically enabled and configured. B. It eliminates the need for dynamic DNS updates. C. It functions like PAN-DB and requires activation through the app portal. D. It removes the 100K...

July 11, 2023No CommentsREAD MORE +