- All Exams Instant Download
What is the purpose of the firewall decryption broker?
What is the purpose of the firewall decryption broker?A . Decrypt SSL traffic a then send it as cleartext to a security chain of inspection toolsB . Force decryption of previously unknown cipher suitesC . Inspection traffic within IPsec tunnelD . Reduce SSL traffic to a weaker cipher before sending...
Which three authentication services can administrator use to authenticate admins into the Palo Alto Networks NGFW without defining a corresponding admin account on the local firewall? (Choose three.)
Which three authentication services can administrator use to authenticate admins into the Palo Alto Networks NGFW without defining a corresponding admin account on the local firewall? (Choose three.)A . KerberosB . PAPC . SAMLD . TACACS+E . RADIUSF . LDAPView AnswerAnswer: DEF
When configuring a GlobalProtect Portal, what is the purpose of specifying an Authentication Profile?
When configuring a GlobalProtect Portal, what is the purpose of specifying an Authentication Profile?A . To enable Gateway authentication to the PortalB . To enable Portal authentication to the GatewayC . To enable user authentication to the PortalD . To enable client machine authentication to the PortalView AnswerAnswer: C Explanation:...
Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS® software?
Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS® software?A . OktaB . DUOC . RADIUSD . PingIDView AnswerAnswer: C
Which Captive Portal mode must be configured to support MFA authentication?
Which Captive Portal mode must be configured to support MFA authentication?A . NTLMB . RedirectC . Single Sign-OnD . TransparentView AnswerAnswer: B Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/authentication/configure-multi-factor-authentication
A session in the Traffic log is reporting the application as “incomplete.” What does “incomplete” mean?
A session in the Traffic log is reporting the application as “incomplete.” What does “incomplete” mean?A . The three-way TCP handshake was observed, but the application could not be identified.B . The three-way TCP handshake did not complete.C . The traffic is coming across UDP, and the application could not...
Which event will happen if an administrator uses an Application Override Policy?
Which event will happen if an administrator uses an Application Override Policy?A . Threat-ID processing time is decreased.B . The Palo Alto Networks NGFW stops App-ID processing at Layer 4.C . The application name assigned to the traffic by the security rule is written to the Traffic log.D . App-ID...
Which NGFW receives the configuration from Panorama?
An administrator pushes a new configuration from Panorama to a pair of firewalls that are configured as an active/passive HA pair. Which NGFW receives the configuration from Panorama?A . The Passive firewall, which then synchronizes to the active firewallB . The active firewall, which then synchronizes to the passive firewallC...
Which solution in PAN-OS® software would help in this case?
A global corporate office has a large-scale network with only one User-ID agent, which creates a bottleneck near the User-ID agent server. Which solution in PAN-OS® software would help in this case?A . Application overrideB . Redistribution of user mappingsC . Virtual Wire modeD . Content inspectionView AnswerAnswer: B
When platform utilization is considered, which steps must the administrator take to configure and apply packet buffer protection?
An administrator is defining protection settings on the Palo Alto Networks NGFW to guard against resource exhaustion. When platform utilization is considered, which steps must the administrator take to configure and apply packet buffer protection?A . Enable and configure the Packet Buffer protection thresholds. Enable Packet Buffer Protection per ingress...
