Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network?
A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens of thousands of bogus UDP connections per second to a single destination IP address and port. Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate...
Which feature can be configured with an IPv6 address?
Which feature can be configured with an IPv6 address?A . Static RouteB . RIPv2C . DHCP ServerD . BGPView AnswerAnswer: A Explanation: Reference: https://live.paloaltonetworks.com/docs/DOC-5493
Which information source would allow reliable User ID mapping for these users, requiring the least amount of configuration?
As the Palo Alto Networks administrator responsible for User Identification, you are looking for the simplest method of mapping network users that do not sign into LDAP. Which information source would allow reliable User ID mapping for these users, requiring the least amount of configuration?A . WMI QueryB . Exchange...
Which of the following objects cannot use User-ID as a match criteria?
Which of the following objects cannot use User-ID as a match criteria?A . Security PoliciesB . QoSC . Policy Based ForwardingD . DoS ProtectionE . None of the aboveView AnswerAnswer: E
Which of the following describes the sequence of the Global Protect agent connecting to a Gateway?
Which of the following describes the sequence of the Global Protect agent connecting to a Gateway?A . The Agent connects to the Portal obtains a list of Gateways, and connects to the Gateway with the fastest SSL response timeB . The agent connects to the closest Gateway and sends the...
Users can be authenticated serially to multiple authentication servers by configuring:
Users can be authenticated serially to multiple authentication servers by configuring:A . Multiple RADIUS Servers sharing a VSA configurationB . Authentication SequenceC . Authentication ProfileD . A custom Administrator ProfileView AnswerAnswer: B
Which setting should be changed on the Palo Alto Firewall to resolve this error message?
After migrating from an ASA firewall, the VPN connection between a remote network and the Palo Alto Networks firewall is not establishing correctly. The following entry is appearing in the logs: pfs group mismatched: my:0 peer:2 Which setting should be changed on the Palo Alto Firewall to resolve this error...
What happens at the point of Threat Prevention license expiration?
What happens at the point of Threat Prevention license expiration?A . Threat Prevention no longer updated; existing database still effectiveB . Threat Prevention is no longer used; applicable traffic is allowedC . Threat Prevention no longer used; applicable traffic is blockedD . Threat Prevention no longer used; traffic is allowed...
Wildfire may be used for identifying which of the following types of traffic?
Wildfire may be used for identifying which of the following types of traffic?A . URL contentB . DHCPC . DNSD . VirusesView AnswerAnswer: D
How can a Palo Alto Networks firewall be configured to send syslog messages in a format compatible with nonstandard syslog servers?
How can a Palo Alto Networks firewall be configured to send syslog messages in a format compatible with nonstandard syslog servers?A . Enable support for non-standard syslog messages under device management.B . Select a non-standard syslog server profile.C . Create a custom log format under the syslog server profile.D ....