- All Exams Instant Download
In a virtual router, which object contains all potential routes?
In a virtual router, which object contains all potential routes?A . MIBB . RIBC . SIPD . FIBView AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/networking/virtual-routers
Which administrative authentication method supports authorization by an external service?
Which administrative authentication method supports authorization by an external service?A . CertificatesB . LDAPC . RADIUSD . SSH keysView AnswerAnswer: C
Which CLI command can be used to export the tcpdump capture?
Which CLI command can be used to export the tcpdump capture?A . scp export tcpdump from mgmt.pcap to <username@host:path>B . scp extract mgmt-pcap from mgmt.pcap to <username@host:path>C . scp export mgmt-pcap from mgmt.pcap to <username@host:path>D . download mgmt.-pcapView AnswerAnswer: C Explanation: Reference: https://live.paloaltonetworks.com/t5/Management-Articles/How-To-Packet-Capture-tcpdump-On-Management-Interface/ta- p/55415
Which two configuration options can be used to correctly categorize their custom database application?
A customer has an application that is being identified as unknown-top for one of their custom PostgreSQL database connections. Which two configuration options can be used to correctly categorize their custom database application? (Choose two.)A . Application Override policy.B . Security policy to identify the custom application.C . Custom application.D...
When configuring the firewall for packet capture, what are the valid stage types?
When configuring the firewall for packet capture, what are the valid stage types?A . Receive, management, transmit, and dropB . Receive, firewall, send, and non-synC . Receive management, transmit, and non-synD . Receive, firewall, transmit, and dropView AnswerAnswer: D
A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents over HTTP(S). Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.
A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents...
Which GlobalProtect Client connect method requires the distribution and use of machine certificates?
Which GlobalProtect Client connect method requires the distribution and use of machine certificates?A . User-logon (Always on)B . At-bootC . On-demandD . Pre-logonView AnswerAnswer: D
When is the content inspection performed in the packet flow process?
When is the content inspection performed in the packet flow process?A . after the application has been identifiedB . before session lookupC . before the packet forwarding processD . after the SSL Proxy re-encrypts the packetView AnswerAnswer: C Explanation: Reference: https://live.paloaltonetworks.com/t5/Learning-Articles/Packet-Flow-Sequence-in-PAN-OS/ta-p/56081
Which three options are supported in HA Lite? (Choose three.)
Which three options are supported in HA Lite? (Choose three.)A . Virtual linkB . Active/passive deploymentC . Synchronization of IPsec security associationsD . Configuration synchronizationE . Session synchronizationView AnswerAnswer: B,C,D Explanation: “The PA-200 firewall supports HA Lite only. HA Lite is an active/passive deployment that provides configuration synchronization and some...
Which priority is correct for the passive firewall?
An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall. Which priority is correct for the passive firewall?A . 0B . 99C . 1D . 255View AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/framemaker/71/pan-os/pan-os/section_5.pdf (page 9)
