- All Exams Instant Download
Which certificate(s) need to be installed on the firewall to ensure that inspection is performed successfully?
An engineer is configuring SSL Inbound Inspection for public access to a company's application. Which certificate(s) need to be installed on the firewall to ensure that inspection is performed successfully?A . Self-signed CA and End-entity certificate B. Root CA and Intermediate CA(s) C. Self-signed certificate with exportable private key D....
An engineer is configuring Packet Buffer Protection on ingress zones to protect from single-session DoS attacks Which sessions does Packet Buffer Protection apply to?
An engineer is configuring Packet Buffer Protection on ingress zones to protect from single-session DoS attacks Which sessions does Packet Buffer Protection apply to?A . It applies to existing sessions and is not global B. It applies to new sessions and is global C. It applies to new sessions and...
Which profile should be configured in order to achieve this?
A company requires that a specific set of ciphers be used when remotely managing their Palo Alto Networks appliances. Which profile should be configured in order to achieve this?A . SSH Service profile B. SSL/TLS Service profile C. Decryption profile D. Certificate profileView AnswerAnswer: A
Given the screenshot, how did the firewall handle the traffic?
Given the screenshot, how did the firewall handle the traffic? A . Traffic was allowed by profile but denied by policy as a threat B. Traffic was allowed by policy but denied by profile as.. C. Traffic was allowed by policy but denied by profile as .. D. Traffic was...
What are two best practices for incorporating new and modified App-IDs? (Choose two.)
What are two best practices for incorporating new and modified App-IDs? (Choose two.)A . Run the latest PAN-OS version in a supported release tree to have the best performance for the new App-IDs B. Configure a security policy rule to allow new App-IDs that might have network-wide impact C. Perform...
Where is the best place to validate if the firewall is blocking the user's TAR file?
A network security engineer has applied a File Blocking profile to a rule with the action of Block. The user of a Linux CLI operating system has opened a ticket. The ticket states that the user is being blocked by the firewall when trying to download a TAR file. The...
Given the screenshot, how did the firewall handle the traffic?
Given the screenshot, how did the firewall handle the traffic? A . Traffic was allowed by profile but denied by policy as a threat B. Traffic was allowed by policy but denied by profile as.. C. Traffic was allowed by policy but denied by profile as .. D. Traffic was...
Which profile generates a packet threat type found in threat logs?
Which profile generates a packet threat type found in threat logs?A . Zone Protection B. WildFire C. Anti-Spyware D. AntivirusView AnswerAnswer: A
WildFire will submit for analysis blocked files that match which profile settings?
WildFire will submit for analysis blocked files that match which profile settings?A . files matching Anti-Spyware signatures B. files that are blocked by URL filtering C. files that are blocked by a File Blocking profile D. files matching Anti-Virus signaturesView AnswerAnswer: C
Which three types of interfaces support SSL Forward Proxy?
An engineer configures SSL decryption in order to have more visibility to the internal users' traffic when it is regressing the firewall. Which three types of interfaces support SSL Forward Proxy? (Choose three.)A . High availability (HA) B. Layer C. Virtual Wire D. Tap E. Layer 3View AnswerAnswer: B,C,E Explanation:...
