- All Exams Instant Download
When is the content inspection performed in the packet flow process?
When is the content inspection performed in the packet flow process?A . after the application has been identifiedB . before session lookupC . before the packet forwarding processD . after the SSL Proxy re-encrypts the packetView AnswerAnswer: A Explanation: Reference: https://live.paloaltonetworks.com/t5/Learning-Articles/Packet-Flow-Sequence-in-PAN-OS/ta-p/56081
What is the purpose of the firewall decryption broker?
What is the purpose of the firewall decryption broker?A . Decrypt SSL traffic a then send it as cleartext to a security chain of inspection toolsB . Force decryption of previously unknown cipher suitesC . Inspection traffic within IPsec tunnelD . Reduce SSL traffic to a weaker cipher before sending...
What must the administrator configure so that the PAN-OS® software can be upgraded?
An administrator needs to upgrade a Palo Alto Networks NGFW to the most current version of PAN-OS® software. The firewall has internet connectivity through an Ethernet interface, but no internet connectivity from the management interface. The Security policy has the default security rules and a rule that allows all web-browsing...
Based on the image, what caused the commit warning?
Based on the image, what caused the commit warning? A. The CA certificate for FWDtrust has not been imported into the firewall. B. The FWDtrust certificate has not been flagged as Trusted Root CA. C. SSL Forward Proxy requires a public certificate to be imported into the firewall. D. The...
Which three settings are defined within the Templates object of Panorama? (Choose three.)
Which three settings are defined within the Templates object of Panorama? (Choose three.)A . SetupB . Virtual RoutersC . InterfacesD . SecurityE . Application OverrideView AnswerAnswer: ABC
Which solution in PAN-OS® software would help in this case?
A global corporate office has a large-scale network with only one User-ID agent, which creates a bottleneck near the User-ID agent server. Which solution in PAN-OS® software would help in this case?A . Application overrideB . Redistribution of user mappingsC . Virtual Wire modeD . Content inspectionView AnswerAnswer: B
Which option should the administrator investigate as part of triage?
An administrator encountered problems with inbound decryption. Which option should the administrator investigate as part of triage?A . Security policy rule allowing SSL to the target serverB . Firewall connectivity to a CRLC . Root certificate imported into the firewall with “Trust” enabledD . Importation of a certificate from an...
Which is not a valid reason for receiving a decrypt-cert-validation error?
Which is not a valid reason for receiving a decrypt-cert-validation error?A . Unsupported HSMB . Unknown certificate statusC . Client authenticationD . Untrusted issuerView AnswerAnswer: A
Which three split tunnel methods are supported by a globalProtect gateway? (Choose three.)
Which three split tunnel methods are supported by a globalProtect gateway? (Choose three.)A . video streaming applicationB . Client Application ProcessC . Destination DomainD . Source DomainE . Destination user/groupF . URL CategoryView AnswerAnswer: A,B,C
Which PAN-OS® policy must you configure to force a user to provide additional credentials before he is allowed to access an internal application that contains highly-sensitive business data?
Which PAN-OS® policy must you configure to force a user to provide additional credentials before he is allowed to access an internal application that contains highly-sensitive business data?A . Security policyB . Decryption policyC . Authentication policyD . Application Override policyView AnswerAnswer: C
