- All Exams Instant Download
Which combination of features can allow PAN-OS to detect exploit traffic in a session with TLS encapsulation?
A firewall administrator needs to be able to inspect inbound HTTPS traffic on servers hosted in their DMZ to prevent the hosted service from being exploited. Which combination of features can allow PAN-OS to detect exploit traffic in a session with TLS encapsulation?A . Decryption policy and a Data Filtering...
Before an administrator of a VM-500 can enable DoS and zone protection, what actions need to be taken?
Before an administrator of a VM-500 can enable DoS and zone protection, what actions need to be taken?A . Measure and monitor the CPU consumption of the firewall data plane to ensure that each firewall is properly sized to support DoS and zone protection B. Create a zone protection profile...
What can be used to create dynamic address groups?
What can be used to create dynamic address groups?A . dynamic address B. region objects C. tags D. FODN addressesView AnswerAnswer: C
How should you configure the firewall to allow access to any office-suite application?
You need to allow users to access the office-suite applications of their choice. How should you configure the firewall to allow access to any office-suite application?A . Create an Application Group and add Office 365, Evernote Google Docs and Libre Office B. Create an Application Group and add business-systems to...
What is the best description of the HA4 Keep-Alive Threshold (ms)?
What is the best description of the HA4 Keep-Alive Threshold (ms)?A . the maximum interval between hello packets that are sent to verify that the HA functionality on the other firewall is operational. B. The time that a passive or active-secondary firewall will wait before taking over as the active...
Which combination of service and application, and order of Security policy rules, needs to be configured to allow cJeartext web-browsing traffic to this server on tcp/443?
A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443 A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents...
When you navigate to Network: > GlobalProtect > Portals > Method section, which three options are available? (Choose three)
When you navigate to Network: > GlobalProtect > Portals > Method section, which three options are available? (Choose three)A . user-logon (always on) B. pre-logon then on-demand C. on-demand (manual user initiated connection) D. post-logon (always on) E. certificate-logonView AnswerAnswer: A,B,C
Which configuration task is best for reducing load on the management plane?
Which configuration task is best for reducing load on the management plane?A . Disable logging on the default deny rule B. Enable session logging at start C. Disable pre-defined reports D. Set the URL filtering action to send alertsView AnswerAnswer: C
Which configuration is backed up using the Scheduled Config Export feature in Panorama?
Which configuration is backed up using the Scheduled Config Export feature in Panorama?A . Panorama running configuration B. Panorama candidate configuration C. Panorama candidate configuration and candidate configuration of all managed devices D. Panorama running configuration and running configuration of all managed devicesView AnswerAnswer: D
How should you configure the firewall to allow access to any office-suite application?
You need to allow users to access the office-suite applications of their choice. How should you configure the firewall to allow access to any office-suite application?A . Create an Application Group and add Office 365, Evernote Google Docs and Libre Office B. Create an Application Group and add business-systems to...
