- All Exams Instant Download
Which type of role-based access is most appropriate for this project?
A super user is tasked with creating administrator accounts for three contractors. For compliance purposes, all three contractors will be working with different device-groups m their hierarchy to deploy policies and objects. Which type of role-based access is most appropriate for this project?A . Create a Dynamic Admin with the...
What can the administrator configure to establish the VPN connection?
A network administrator configured a site-to-site VPN tunnel where the peer device will act as initiator None of the peer addresses are known What can the administrator configure to establish the VPN connection?A . Set up certificate authentication. B. Use the Dynamic IP address type. C. Enable Passive Mode D....
Where is Palo Alto Networks Device Telemetry data stored on a firewall with a device certificate installed?
Where is Palo Alto Networks Device Telemetry data stored on a firewall with a device certificate installed?A . Cortex Data Lake B. Panorama C. On Palo Alto Networks Update Servers D. M600 Log CollectorsView AnswerAnswer: C
If an administrator were to troubleshoot, how would they confirm the transceiver type, tx-power, rx-power, vendor name, and part number via the CLI?
An administrator connected a new fiber cable and transceiver to interface Ethernetl/l on a Palo Alto Networks firewall. However, the link does not seem to be coming up. If an administrator were to troubleshoot, how would they confirm the transceiver type, tx-power, rx-power, vendor name, and part number via the...
What must be taken into consideration when designing the device group structure?
An engineer is designing a deployment of multi-vsys firewalls. What must be taken into consideration when designing the device group structure?A . Multiple vsys and firewalls can be assigned to a device group, and a multi-vsys firewall must have all its vsys in a single device group. B. Only one...
How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?
How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?A . Use the debug dataplane packet-diag set capture stage firewall file command. B. Enable all four stages of traffic capture (TX, RX, DROP, Firewall). C. Use the debug dataplane packet-diag set capture stage management...
Based on the image, which NAT rule will forward web-browsing traffic correctly?
An administrator wants multiple web servers In the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.22. Based on the image, which NAT rule will forward web-browsing traffic correctly? A) B) C) D) A . Option...
Which type of policy in Palo Alto Networks firewalls can use Device-ID as a match condition?
Which type of policy in Palo Alto Networks firewalls can use Device-ID as a match condition?A . NAT B. DOS protection C. QoS D. Tunnel inspectionView AnswerAnswer: A
What is the best description of the HA4 Keep-Alive Threshold (ms)?
What is the best description of the HA4 Keep-Alive Threshold (ms)?A . the maximum interval between hello packets that are sent to verify that the HA functionality on the other firewall is operational. B. The time that a passive or active-secondary firewall will wait before taking over as the active...
Which two mandatory options are used to configure a VLAN interface?
A customer wants to set up a VLAN interface for a Layer 2 Ethernet port. Which two mandatory options are used to configure a VLAN interface? (Choose two.)A . Virtual router B. Security zone C. ARP entries D. Netflow ProfileView AnswerAnswer: A,B Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/network/network-interfaces/pa-7000-series- layer-2-interface#idd2bcaacc-54b9-4ec9-a1dd-8064499f5b9d https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRqCAK VLAN interface is...