- All Exams Instant Download
QoS natively integrates with which feature to provide service quality?
An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications. QoS natively integrates with which feature to provide service quality?A . Port InspectionB . Certificate revocationC . Content-IDD . App-IDView AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/quality-of-service/qos-for-applications-and-users
Which three functions are performed by the dataplane?
An administrator has left a firewall to use the default port for all management services. Which three functions are performed by the dataplane? (Choose three.)A . WildFire updatesB . NATC . NTPD . antivirusE . File blockingView AnswerAnswer: B,D,E
If the firewall is configured for credential phishing prevention using the “Domain Credential Filter” method, which login will be detected as credential theft?
If the firewall is configured for credential phishing prevention using the “Domain Credential Filter” method, which login will be detected as credential theft?A . Mapping to the IP address of the logged-in user.B . First four letters of the username matching any valid corporate username.C . Using the same user’s...
Which configuration will enable this HA scenario?
An administrator has been asked to configure active/active HA for a pair of Palo Alto Networks NGFWs. The firewall use Layer 3 interfaces to send traffic to a single gateway IP for the pair. Which configuration will enable this HA scenario? A. The two firewalls will share a single floating...
How can an administrator configure the NGFW to automatically quarantine a device using GlobalProtect?
How can an administrator configure the NGFW to automatically quarantine a device using GlobalProtect?A . by adding the device's Host ID to a quarantine list and configure GlobalProtect to prevent users from connecting to the GlobalProtect gateway from a quarantined deviceB . by using secunty policies, log forwarding profiles, and...
Which is not a valid reason for receiving a decrypt-cert-validation error?
Which is not a valid reason for receiving a decrypt-cert-validation error?A . Unsupported HSMB . Unknown certificate statusC . Client authenticationD . Untrusted issuerView AnswerAnswer: A
Which method will dynamically register tags on the Palo Alto Networks NGFW?
Which method will dynamically register tags on the Palo Alto Networks NGFW?A . Restful API or the VMWare API on the firewall or on the User-ID agent or the read-only domain controller (RODC)B . Restful API or the VMware API on the firewall or on the User-ID agentC . XML-API...
Which three user authentication services can be modified to provide the Palo Alto Networks NGFW with both usernames and role names? (Choose three.)
Which three user authentication services can be modified to provide the Palo Alto Networks NGFW with both usernames and role names? (Choose three.)A . TACACS+B . KerberosC . PAPD . LDAPE . SAMLF . RADIUSView AnswerAnswer: AEF Explanation: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-authentication
Which Security policy rule will allow traffic to flow to the web server?
Refer to the exhibit. A web server in the DMZ is being mapped to a public address through DNAT. Which Security policy rule will allow traffic to flow to the web server?A . Untrust (any) to Untrust (10. 1.1. 100), web browsing C AllowB . Untrust (any) to Untrust (1....
SAML SLO is supported for which two firewall features? (Choose two.)
SAML SLO is supported for which two firewall features? (Choose two.)A . GlobalProtect PortalB . CaptivePortalC . WebUID . CLIView AnswerAnswer: A, C
