In order to reach the web server, which Security rule and NAT rule must be configured on the firewall?

A user at an external system with the IP address 65. 124.57.5 queries the DNS server at 4.2.2.2 for the IP address of the web server, www.xyz.com. The DNS server returns an address of 172.16.15.1 In order to reach the web server, which Security rule and NAT rule must be...

May 4, 2022 No Comments READ MORE +

What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram?

What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram? A . IP NetmaskB . IP AddressC . IP Wildcard MaskD . IP RangeView AnswerAnswer: C

May 3, 2022 No Comments READ MORE +

When you navigate to Network>Global Protect>Portals>Agent>(config)>App and look in the Connect Method section, which three options are available? (Choose three.)

When you navigate to Network>Global Protect>Portals>Agent>(config)>App and look in the Connect Method section, which three options are available? (Choose three.)A . pre-logon the non-demandB . certificate-logonC . on-demand (manual user-initiated connection)D . post-logon (always on)E . user-logon (always on)View AnswerAnswer: ACE

May 2, 2022 No Comments READ MORE +

What is the best solution for the customer?

An existing NGFW customer requires direct internet access offload locally at each site, and IPSec connectivity to all branches over public internet. One requirement is that no new SD-WAN hardware be introduced to the environment. What is the best solution for the customer?A . Upgrade to a PAN-OS SD-WAN subscriptionB...

May 2, 2022 No Comments READ MORE +

What should be done to ensure that the settings in the "Local" template are applied while maintaining settings from both templates?

A firewall has been assigned to a new template stack that contains both "Global" and "Local" templates in Panorama, and a successful commit and push has been performed. While validating the configuration on the local firewall, the engineer discovers that some settings are not being applied as intended. The setting...

May 1, 2022 No Comments READ MORE +

The end-user's browser will show that the certificate for www.example-website.comwas issued by which of the following?

A firewall is configured with SSL Forward Proxy decryption and has the following four enterprise certificate authorities (CAs): i. Enterprise-Trusted-CA, which is verified as Forward Trust Certificate (The CA is also installed in the trusted store of the end-user browser and system.) ii. Enterprise-Untrusted-CA, which is verified as Forward Untrust...

April 30, 2022 No Comments READ MORE +

What should the administrator implement?

A network administrator plans a Prisma Access deployment with three service connections, each with a BGP peering to a CPE. The administrator needs to minimize the BGP configuration and management overhead on on-prem network devices. What should the administrator implement?A . hot potato routingB . summarized BGP routes before advertisingC...

April 30, 2022 No Comments READ MORE +

After the administrator commits the configuration to Panorama, which device-group commit push operation should the administrator use to ensure that the push is successful?

A Panorama administrator configures a new zone and uses the zone in a new Security policy. After the administrator commits the configuration to Panorama, which device-group commit push operation should the administrator use to ensure that the push is successful?A . merge with candidate configB . force template valuesC ....

April 30, 2022 No Comments READ MORE +

An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple routing protocols, and the engineer is trying to determine routing priority.

An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple routing protocols, and the engineer is trying to determine routing priority. Match the default Administrative Distances for each routing protocol. View AnswerAnswer:

April 30, 2022 No Comments READ MORE +

Which component enables you to configure firewall resource protection settings?

Which component enables you to configure firewall resource protection settings?A . Zone Protection ProfileB . DoS Protection ProfileC . DoS Protection policyD . QoS ProfileView AnswerAnswer: B

April 30, 2022 No Comments READ MORE +