With the default TCP and UDP settings on the firewall, what will be the identified application in the following session?
With the default TCP and UDP settings on the firewall, what will be the identified application in the following session? A . IncompleteB . unknown-tcpC . Insufficient-dataD . not-applicableView AnswerAnswer: D Explanation: Traffic didnt match any other policies and so landed at the implicit "deny all" policy. If it's deny...
Which log type would provide information about traffic blocked by a Zone Protection profile?
Which log type would provide information about traffic blocked by a Zone Protection profile?A . Data FilteringB . IP-TagC . TrafficD . ThreatView AnswerAnswer: D Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhzCAC D is the correct answer because the threat log type would provide information about traffic blocked by a Zone Protection profile. This is...
Which GloDalProtecI gateway setting is required to enable split-tunneting by access route, destination domain and application?
Which GloDalProtecI gateway setting is required to enable split-tunneting by access route, destination domain and application?A . Tunnel modeB . Satellite modeC . IPSec modeD . No Direct Access to local networksView AnswerAnswer: A Explanation: https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/globalprotect-gateways/split-tunnel-traffic-on-globalprotect-gateways/configure-a-split-tunnel-based-on-the-domain-and-application
What could an administrator do to troubleshoot the issue?
An administrator Just enabled HA Heartbeat Backup on two devices However, the status on tie firewall's dashboard is showing as down High Availability. What could an administrator do to troubleshoot the issue?A . Go to Device > High Availability> General > HA Pair Settings > Setup and configuring the peer...
What should the NAT rule destination zone be set to?
A firewall engineer creates a destination static NAT rule to allow traffic from the internet to a webserver hosted behind the edge firewall. The pre-NAT IP address of the server is 153.6 12.10, and the post-NAT IP address is 192.168.10.10. Refer to the routing and interfaces information below. What should...
After importing a pre-configured firewall configuration to Panorama, what step is required to ensure a commit/push is successful without duplicating local configurations?
After importing a pre-configured firewall configuration to Panorama, what step is required to ensure a commit/push is successful without duplicating local configurations?A . Ensure Force Template Values is checked when pushing configuration.B . Push the Template first, then push Device Group to the newly managed firewall.C . Perform the Export...
Given the following snippet of a WildFire submission log, did the end user successfully download a file?
Given the following snippet of a WildFire submission log, did the end user successfully download a file?A . No, because the URL generated an alert.B . Yes, because both the web-browsing application and the flash file have the 'alert" action.C . Yes, because the final action is set to "allow.''D...
Which log type will help the engineer verify whether packet buffer protection was activated?
An administrator troubleshoots an issue that causes packet drops. Which log type will help the engineer verify whether packet buffer protection was activated?A . Data FilteringB . ConfigurationC . ThreatD . TrafficView AnswerAnswer: C Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNGFCA4
What are two best practice deployment modes for the firewall?
A company wants to add threat prevention to the network without redesigning the network routing. What are two best practice deployment modes for the firewall? (Choose two.)A . VirtualWireB . Layer3C . TAPD . Layer2View AnswerAnswer: AD Explanation: A and D are the best practice deployment modes for the firewall...
For which three severity levels should single-packet captures be enabled to meet the Best Practice standard?
You are auditing the work of a co-worker and need to verify that they have matched the Palo Alto Networks Best Practices for Anti-Spyware Profiles. For which three severity levels should single-packet captures be enabled to meet the Best Practice standard? (Choose three.)A . LowB . HighC . CriticalD ....