How can this be corrected?
After configuring Captive Portal in Layer 3 mode, users in the Trust Zone are not receiving the Captive Portal authentication page when they launch their web browsers. How can this be corrected?A . Ensure that all users in the Trust Zone are using NTLM-capable browsersB . Enable "Response Pages" in...
These changes may be undone by Device > Setup > Operations > Configuration Management>....and then what operation?
As a Palo Alto Networks firewall administrator, you have made unwanted changes to the Candidate configuration. These changes may be undone by Device > Setup > Operations > Configuration Management>....and then what operation?A . Revert to Running ConfigurationB . Revert to last Saved ConfigurationC . Load Configuration VersionD . Import...
In PAN-OS 5.0, how is Wildfire enabled?
In PAN-OS 5.0, how is Wildfire enabled?A . Via the "Forward" and "Continue and Forward" File-Blocking actionsB . A custom file blocking action must be enabled for all PDF and PE type filesC . Wildfire is automatically enabled with a valid URL-Filtering licenseD . Via the URL-Filtering "Continue" Action.View AnswerAnswer:...
Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network?
A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens of thousands of bogus UDP connections per second to a single destination IP address and port. Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate...
What could be the problem?
After pushing a security policy from Panorama to a PA-3020 firewall, the firewall administrator notices that traffic logs from the PA-3020 are not appearing in Panorama's traffic logs. What could be the problem?A . The firewall is not licensed for logging to this Panorama device.B . Panorama is not licensed...
When creating a Security Policy to allow Facebook in PAN-OS 5.0, how can you be sure that no other web-browsing traffic is permitted?
When creating a Security Policy to allow Facebook in PAN-OS 5.0, how can you be sure that no other web-browsing traffic is permitted?A . Ensure that the Service column is defined as "application-default" for this security rule. This will automatically include the implicit web-browsing application dependency.B . Create a subsequent...
In Active/Active HA environments, redundancy for the HA3 interface can be achieved by
In Active/Active HA environments, redundancy for the HA3 interface can be achieved byA . Configuring a corresponding HA4 interfaceB . Configuring HA3 as an Aggregate Ethernet bundleC . Configuring multiple HA3 interfacesD . Configuring HA3 in a redundant groupView AnswerAnswer: B
Which of the following must be configured when deploying User-ID to obtain information from an 802.1x authenticator?
Which of the following must be configured when deploying User-ID to obtain information from an 802.1x authenticator?A . Terminal Server AgentB . An Agentless deployment of User-ID, employing only the Palo Alto Networks FirewallC . A User-ID agent, with the "Use for NTLM Authentication" option enabled.D . XML API for...
Which of the following must be enabled in order for UserID to function?
Which of the following must be enabled in order for UserID to function?A . Captive Portal Policies must be enabled.B . UserID must be enabled for the source zone of the traffic that is to be identified.C . Captive Portal must be enabled.D . Security Policies must have the UserID...
Which URL Filtering Security Profile action logs the URL Filtering category to the URL Filtering log?
Which URL Filtering Security Profile action logs the URL Filtering category to the URL Filtering log?A . AllowB . AlertC . LogD . DefaultView AnswerAnswer: B Explanation: Reference: https://www.paloaltonetworks.com/documentation/61/pan-os/pan-os/url-filtering/configure-urlĀfiltering.html