An engineer is creating a template and wants to use variables to standardize the configuration across a large number of devices Which Mo variable types can be defined? (Choose two.)
An engineer is creating a template and wants to use variables to standardize the configuration across a large number of devices Which Mo variable types can be defined? (Choose two.)A . Path group B. Zone C. IP netmask D. FQDNView AnswerAnswer: C,D
What is a common obstacle for decrypting traffic from guest devices?
An organization wishes to roll out decryption but gets some resistance from engineering leadership regarding the guest network. What is a common obstacle for decrypting traffic from guest devices?A . Guest devices may not trust the CA certificate used for the forward untrust certificate. B. Guests may use operating systems...
What is considered the best practice with regards to zone protection?
What is considered the best practice with regards to zone protection?A . Review DoS threat activity (ACC > Block Activity) and look for patterns of abuse B. Use separate log-forwarding profiles to forward DoS and zone threshold event logs separately from other threat logs C. If the levels of zone...
PBF can address which two scenarios? (Select Two)
PBF can address which two scenarios? (Select Two)A . forwarding all traffic by using source port 78249 to a specific egress interface B. providing application connectivity the primary circuit fails C. enabling the firewall to bypass Layer 7 inspection D. routing FTP to a backup ISP link to save bandwidth...
A network administrator troubleshoots a VPN issue and suspects an IKE Crypto mismatch between peers. Where can the administrator find the corresponding logs after running a test command to initiate the VPN?
A network administrator troubleshoots a VPN issue and suspects an IKE Crypto mismatch between peers. Where can the administrator find the corresponding logs after running a test command to initiate the VPN?A . Configuration logs B. System logs C. Traffic logs D. Tunnel Inspection logsView AnswerAnswer: B
Which method should the administrator use when creating Forward Trust and Forward Untrust certificates on the firewall for use with decryption?
During the implementation of SSL Forward Proxy decryption, an administrator imports the company's Enterprise Root CA and Intermediate CA certificates onto the firewall. The company's Root and Intermediate CA certificates are also distributed to trusted devices using Group Policy and GlobalProtect. Additional device certificates and/or Subordinate certificates requiring an Enterprise...
What is a common obstacle for decrypting traffic from guest devices?
An organization wishes to roll out decryption but gets some resistance from engineering leadership regarding the guest network. What is a common obstacle for decrypting traffic from guest devices?A . Guest devices may not trust the CA certificate used for the forward untrust certificate. B. Guests may use operating systems...
Which CLI command is used to determine how much disk space is allocated to logs?
Which CLI command is used to determine how much disk space is allocated to logs?A . show logging-status B. show system info C. debug log-receiver show D. show system logdfo-quotaView AnswerAnswer: D
Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the NGFW to Panorama?
An administrator can not see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall. Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the NGFW to Panorama? A) B) C) D)...
Review the screenshot of the Certificates page.
Review the screenshot of the Certificates page. An administrator tor a small LLC has created a series of certificates as shown, to use tor a planned Decryption roll out The administrator has also installed the sell-signed root certificate <n all client systems When testing, they noticed that every time a...