- All Exams Instant Download
Which data flow best describes redistribution of user mappings?
An engineer needs to redistribute User-ID mappings from multiple data centers. Which data flow best describes redistribution of user mappings?A . Domain Controller to User-ID agentB . User-ID agent to PanoramaC . User-ID agent to firewallD . firewall to firewallView AnswerAnswer: D
In order to reach the web server, which security rule and U-Turn NAT rule must be configured on the firewall?
A user at an internal system queries the DNS server for their web server with a private IP of 10 250 241 131 in the. The DNS server returns an address of the web server's public address, 200.1.1.10. In order to reach the web server, which security rule and U-Turn...
What are two best practices for incorporating new and modified App-IDs? (Choose two.)
What are two best practices for incorporating new and modified App-IDs? (Choose two.)A . Run the latest PAN-OS version in a supported release tree to have the best performance for the new App-IDsB . Configure a security policy rule to allow new App-IDs that might have network-wide impactC . Perform...
What is a common obstacle for decrypting traffic from guest devices?
An organization wishes to roll out decryption but gets some resistance from engineering leadership regarding the guest network. What is a common obstacle for decrypting traffic from guest devices?A . Guest devices may not trust the CA certificate used for the forward untrust certificate.B . Guests may use operating systems...
What should be done to ensure that the settings in the "Local" template are applied while maintaining settings from both templates?
A firewall has been assigned to a new template stack that contains both "Global" and "Local" templates in Panorama, and a successful commit and push has been performed. While validating the configuration on the local firewall, the engineer discovers that some settings are not being applied as intended. The setting...
WildFire will submit for analysis blocked files that match which profile settings?
WildFire will submit for analysis blocked files that match which profile settings?A . files matching Anti-Spyware signaturesB . files that are blocked by URL filteringC . files that are blocked by a File Blocking profileD . files matching Anti-Virus signaturesView AnswerAnswer: C
What is the best description of the HA4 Keep-Alive Threshold (ms)?
What is the best description of the HA4 Keep-Alive Threshold (ms)?A . the maximum interval between hello packets that are sent to verify that the HA functionality on the other firewall is operational.B . The time that a passive or active-secondary firewall will wait before taking over as the active...
What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram?
What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram? A . IP NetmaskB . IP Wildcard MaskC . IP AddressD . IP RangeView AnswerAnswer: B
Where would the administrator go to edit a template variable at the device level?
An administrator needs to assign a specific DNS server to one firewall within a device group. Where would the administrator go to edit a template variable at the device level?A . Variable CSV export under Panorama > templatesB . PDF Export under Panorama > templatesC . Manage variables under Panorama...
What happens when an A/P firewall cluster synchronies IPsec tunnel security associations (SAs)?
What happens when an A/P firewall cluster synchronies IPsec tunnel security associations (SAs)?A . Phase 2 SAs are synchronized over HA2 linksB . Phase 1 and Phase 2 SAs are synchronized over HA2 linksC . Phase 1 SAs are synchronized over HA1 linksD . Phase 1 and Phase 2 SAs...
