- All Exams Instant Download
Which policy is required to enable source NAT on the firewall?
An internal host wants to connect to servers of the internet through using source NAT. Which policy is required to enable source NAT on the firewall?A . NAT policy with source zone and destination zone specified B. post-NAT policy with external source and any destination address C. NAT policy with...
Which built-in IP address EDL would be useful for preventing traffic from IP addresses that are verified as unsafe based on WildFire analysis Unit 42 research and data gathered from telemetry?
Which built-in IP address EDL would be useful for preventing traffic from IP addresses that are verified as unsafe based on WildFire analysis Unit 42 research and data gathered from telemetry?A . Palo Alto Networks C&C IP Addresses B. Palo Alto Networks Bulletproof IP Addresses C. Palo Alto Networks High-Risk...
Which Security Profile will detect and block access to this threat after the administrator updates the firewall's threat signature database?
An administrator receives a notification about new malware that is being used to attack hosts. The malware exploits a software bug in a common application. Which Security Profile will detect and block access to this threat after the administrator updates the firewall's threat signature database?A . Vulnerability Profile applied to...
Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?
Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?A . override B. allow C. block D. continueView AnswerAnswer: B
How are Application Filters or Application Groups used in firewall policy?
How are Application Filters or Application Groups used in firewall policy?A . An Application Group is a static way of grouping applications and cannot be configured as a nested member of Application Group. B. An Application Group is a dynamic way of grouping applications and can be configured as a...
Which Palo Alto Networks component provides consolidated policy creation and centralized management?
Which Palo Alto Networks component provides consolidated policy creation and centralized management?A . GlobalProtect B. Panorama C. Aperture D. AutoFocusView AnswerAnswer: B Explanation: https://www.paloaltonetworks.com/resources/datasheets/panorama-centralized-management-datasheet
Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can run malicious code against a targeted machine.
Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can run malicious code against a targeted machine. A . Exploitation B. Installation C. Reconnaissance D. Act on ObjectiveView AnswerAnswer: A Explanation: https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)A . SAML B. TACACS+ C. LDAP D. KerberosView AnswerAnswer: AB Explanation: The administrative accounts are defined on an external SAML, TACACS+, or RADIUS server. The server performs both authentication and...
Which statement is true regarding NAT rules?
Which statement is true regarding NAT rules?A . Static NAT rules have precedence over other forms of NAT. B. Translation of the IP address and port occurs before security processing. C. NAT rules are processed in order from top to bottom. D. Firewall supports NAT on Layer 3 interfaces only.View...
Which Security policy set should be used to ensure that a policy is applied first?
Which Security policy set should be used to ensure that a policy is applied first?A . Local firewall policy B. Shared pre-rulebase C. Parent device-group pre-rulebase D. Child device-group pre-rulebaseView AnswerAnswer: B