How would a Security policy need to be written to allow outbound traffic using Secure Shell (SSH) to destination ports tcp/22 and tcp/4422?

How would a Security policy need to be written to allow outbound traffic using Secure Shell (SSH) to destination ports tcp/22 and tcp/4422?A . The admin creates a custom service object named "tcp-4422" with port tcp/4422. The admin then creates a Security policy allowing application "ssh" and service "tcp-4422". B....

July 19, 2023 No Comments READ MORE +

Which two URL categories should be combined in a custom URL category to accomplish this goal?

An administrator wants to prevent access to media content websites that are risky. Which two URL categories should be combined in a custom URL category to accomplish this goal? (Choose two.)A . recreation-and-hobbies B. streaming-media C. known-risk D. high-riskView AnswerAnswer: BD Explanation: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/content-inspection-features/url-filtering-multi-category.html https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/content-inspection-features/url-filtering-security-categories.html

July 19, 2023 No Comments READ MORE +

Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?

Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?A . DNS Malicious signatures B. DNS Security signatures C. DNS Malware signatures D. DNS Block signaturesView AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/dns-security/administration/configure-dns-security/enable-dns-security#tabs-id066476b2-c4dd-4fc0-b7e4-f4ba32e19f60

July 19, 2023 No Comments READ MORE +

Which Security Profile when applied to outbound Security policy rules detects and prevents this threat from establishing a command-and-control connection?

You receive notification about a new malware that infects hosts. An infection results in the infected host attempting to contact a command-and-control server. Which Security Profile when applied to outbound Security policy rules detects and prevents this threat from establishing a command-and-control connection?A . Antivirus Profile B. Data Filtering Profile...

July 19, 2023 No Comments READ MORE +

The data plane provides which two data processing features of the firewall? (Choose two.)

The data plane provides which two data processing features of the firewall? (Choose two.)A . signature matching B. reporting C. network processing D. loggingView AnswerAnswer: AC

July 19, 2023 No Comments READ MORE +

Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic?

Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic?A . Tap B. Virtual Wire C. Layer 2 D. Layer 3View AnswerAnswer: B Explanation: A virtual wire logically binds two Ethernet interfaces together, allowing for all traffic to pass between the...

July 19, 2023 No Comments READ MORE +

Which three types of authentication services can be used to authenticate user traffic flowing through the firewall's data plane? (Choose three.)

Which three types of authentication services can be used to authenticate user traffic flowing through the firewall's data plane? (Choose three.)A . SAML 2.0 B. Kerberos C. TACACS D. TACACS+ E. SAML 1.0View AnswerAnswer: ABD Explanation: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/authentication/authentication-types.html

July 19, 2023 No Comments READ MORE +

In order to protect users against exploit kits that exploit a vulnerability and then automatically download malicious payloads, which Security profile should be configured?

In order to protect users against exploit kits that exploit a vulnerability and then automatically download malicious payloads, which Security profile should be configured?A . Anti-Spyware B. WildFire C. Vulnerability Protection D. AntivirusView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/policy/security-profiles

July 18, 2023 No Comments READ MORE +

Where in Panorama would Zone Protection profiles be configured?

Where in Panorama would Zone Protection profiles be configured?A . Templates B. Device Groups C. Shared D. Panorama tabView AnswerAnswer: A Explanation: Create a Zone Protection profile for the firewalls in the data center template (T_DataCenter). Select the Network tab and, in the Template drop-down, select T_DataCenter. Select Network ProfilesZone...

July 18, 2023 No Comments READ MORE +

What are the requirements for using Palo Alto Networks EDL Hosting Sen/ice?

What are the requirements for using Palo Alto Networks EDL Hosting Sen/ice?A . any supported Palo Alto Networks firewall or Prisma Access firewall B. an additional subscription free of charge C. a firewall device running with a minimum version of PAN-OS 10.1 D. an additional paid subscriptionView AnswerAnswer: A

July 18, 2023 No Comments READ MORE +