- All Exams Instant Download
Which setting can the administrator configure on the firewall to log grayware verdicts?
Cortex XDR notifies an administrator about grayware on the endpoints. There are no entries about grayware in any of the logs of the corresponding firewall. Which setting can the administrator configure on the firewall to log grayware verdicts?A . within the log forwarding profile attached to the Security policy rule...
What procedure should you use so Panorama is fully managing the firewall?
A standalone firewall with local objects and policies needs to be migrated into Panorama. What procedure should you use so Panorama is fully managing the firewall?A . Use the "import Panorama configuration snapshot" operation, then perform a device-group commit push with "include device and network templates" B. Use the "import...
What is the correct setting?
A firewall administrator requires an A/P HA pair to fail over more quickly due to critical business application uptime requirements. What is the correct setting?A . Change the HA timer profile to "aggressive" or customize the settings in advanced profile. B. Change the HA timer profile to "fast". C. Change...
Which Mo variable types can be defined?
An engineer is creating a template and wants to use variables to standardize the configuration across a large number of devices. Which Mo variable types can be defined? (Choose two.)A . Path group B. Zone C. IP netmask D. FQDNView AnswerAnswer: C,D
What should the administrator do to prevent the forwarding of DNS traffic logs to syslog?
A firewall administrator wants to avoid overflowing the company syslog server with traffic logs. What should the administrator do to prevent the forwarding of DNS traffic logs to syslog?A . Disable logging on security rules allowing DNS. B. Go to the Log Forwarding profile used to forward traffic logs to...
Which two components are required to configure certificate based, secure authentication to the web Ul?
An administrator needs firewall access on a trusted interface. Which two components are required to configure certificate based, secure authentication to the web Ul? (Choose two)A . certificate profile B. server certificate C. SSH Service Profile D. SSL/TLS Service ProfileView AnswerAnswer: A,B
The UDP-4501 protocol-port is used between which two GlobalProtect components?
The UDP-4501 protocol-port is used between which two GlobalProtect components?A . GlobalProtect app and GlobalProtect gateway B. GlobalProtect portal and GlobalProtect gateway C. GlobalProtect app and GlobalProtect satellite D. GlobalProtect app and GlobalProtect portalView AnswerAnswer: A Explanation: UDP 4501 Used for IPSec tunnel connections between GlobalProtect apps and gateways. https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/firewall-administration/reference-port-number-usage/ports-used-for-globalprotect.html
Which CLI command is used to determine how much disk space is allocated to logs?
Which CLI command is used to determine how much disk space is allocated to logs?A . show logging-status B. show system info C. debug log-receiver show D. show system logdfo-quotaView AnswerAnswer: D
Which Panorama feature protects logs against data loss if a Panorama server fails?
Which Panorama feature protects logs against data loss if a Panorama server fails?A . Panorama HA automatically ensures that no logs are lost if a server fails inside the HA Cluster. B. Panorama Collector Group with Log Redundancy ensures that no logs are lost if a server fails inside the...
Which strategy is consistent with decryption best practices to ensure consistent performance?
A network security engineer wants to prevent resource-consumption issues on the firewall. Which strategy is consistent with decryption best practices to ensure consistent performance?A . Use RSA in a Decryption profile tor higher-priority and higher-risk traffic, and use less processor-intensive decryption methods for lower-risk traffic B. Use PFS in a...
