- All Exams Instant Download
A web server is hosted in the DMZ, and the server is configured to listen for incoming connections only on TCP port 8080. A Security policy rule allowing access from the Trust zone to the DMZ zone need to be configured to enable we browsing access to the server.
A web server is hosted in the DMZ, and the server is configured to listen for incoming connections only on TCP port 8080. A Security policy rule allowing access from the Trust zone to the DMZ zone need to be configured to enable we browsing access to the server. Which...
Import the certificate.
Import the certificate. 3 Select Import Private Key 4 Click Generate to generate the new certificate B. 1 Select Device > Certificates 2 Select Certificate Profile 3 Generate the certificate 4 Select Block Private Key Export. C. 1 Select Device > Certificates 2 Select Certificate Profile. 3 Generate the certificate...
Which two subscriptions are available when configuring panorama to push dynamic updates to connected devices? (Choose two.)
Which two subscriptions are available when configuring panorama to push dynamic updates to connected devices? (Choose two.)A . Content-IDB . User-IDC . Applications and ThreatsD . AntivirusView AnswerAnswer: C,D Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/device/device-dynamic-updates
Which log file can be used to identify SSL decryption failures?
Which log file can be used to identify SSL decryption failures?A . ConfigurationB . ThreatsC . ACCD . TrafficView AnswerAnswer: D Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClboCAC
What file type upload is supported as part of the basic WildFire service?
What file type upload is supported as part of the basic WildFire service?A . PEB . BATC . VBSD . ELFView AnswerAnswer: A
If an administrator wants to decrypt SMTP traffic and possesses the server’s certificate, which SSL decryption mode will allow the Palo Alto Networks NGFW to inspect traffic to the server?
If an administrator wants to decrypt SMTP traffic and possesses the server’s certificate, which SSL decryption mode will allow the Palo Alto Networks NGFW to inspect traffic to the server?A . TLS Bidirectional InspectionB . SSL Inbound InspectionC . SSH Forward ProxyD . SMTP Inbound DecryptionView AnswerAnswer: B Explanation: Reference:...
Which event will happen if an administrator uses an Application Override Policy?
Which event will happen if an administrator uses an Application Override Policy?A . Threat-ID processing time is decreased.B . The Palo Alto Networks NGFW stops App-ID processing at Layer 4.C . The application name assigned to the traffic by the security rule is written to the Traffic log.D . App-ID...
Where can an administrator see both the management plane and data plane CPU utilization in the WebUI?
Where can an administrator see both the management plane and data plane CPU utilization in the WebUI?A . System logB . CPU Utilization widgetC . Resources widgetD . System Utilization logView AnswerAnswer: C Explanation: System Resources (widget)Displays the Management CPU usage, Data Plane usage, and the Session Count (the number...
Which certificates can be used as a Forwarded Trust certificate?
Refer to the exhibit. Which certificates can be used as a Forwarded Trust certificate?A . Certificate from Default Trust Certificate AuthoritiesB . Domain Sub-CAC . Forward_TrustD . Domain-Root-CertView AnswerAnswer: B
Which logs enable a firewall administrator to determine whether a session was decrypted?
Which logs enable a firewall administrator to determine whether a session was decrypted?A . Correlated EventB . TrafficC . DecryptionD . Security PolicyView AnswerAnswer: B
