- All Exams Instant Download
Starting with PAN_OS version 9.1 which new type of object is supported for use within the user field of a security policy rule?
Starting with PAN_OS version 9.1 which new type of object is supported for use within the user field of a security policy rule?A . local usernameB . dynamic user groupC . remote usernameD . static user groupView AnswerAnswer: D
create a service account on the Domain Controller with sufficient permissions to execute the User- ID agent
create a service account on the Domain Controller with sufficient permissions to execute the User- ID agentA . 2-3-4-1B . 1-4-3-2C . 3-1-2-4D . 1-3-2-4View AnswerAnswer: D
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?A . domain controllerB . TACACS+C . LDAPD . RADIUSView AnswerAnswer: C
Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?
Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?A . globalB . intrazoneC . interzoneD . universalView AnswerAnswer: D Explanation: References: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClomCAC
Which security profile feature could have been used to prevent the communication with the CnC server?
The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data...
Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.
Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. Complete the security policy to ensure only Telnet is allowed. Security Policy: Source Zone: Internal to DMZ Zone __________services “Application defaults”, and action = AllowA . Destination IP: 192.168.1.123/24B . Application =...
How many zones can an interface be assigned with a Palo Alto Networks firewall?
How many zones can an interface be assigned with a Palo Alto Networks firewall?A . twoB . threeC . fourD . oneView AnswerAnswer: D
How is the hit count reset on a rule?
How is the hit count reset on a rule?A . select a security policy rule, right click Hit Count > ResetB . with a dataplane rebootC . Device > Setup > Logging and Reporting Settings > Reset Hit CountD . in the CLI, type command reset hitcount <POLICY-NAME>View AnswerAnswer: A
How often does WildFire release dynamic updates?
How often does WildFire release dynamic updates?A . every 5 minutesB . every 15 minutesC . every 60 minutesD . every 30 minutesView AnswerAnswer: A
Which prevention technique will prevent attacks based on packet count?
Which prevention technique will prevent attacks based on packet count?A . zone protection profileB . URL filtering profileC . antivirus profileD . vulnerability profileView AnswerAnswer: A
