- All Exams Instant Download
SAML SLO is supported for which two firewall features? (Choose two.)
SAML SLO is supported for which two firewall features? (Choose two.)A . WebUIB . CLIC . GlobalProtectPortalD . CaptivePortalView AnswerAnswer: AC
Which statement is correct given the following message from the PanGPA.log on the GlobalProtect app?
Which statement is correct given the following message from the PanGPA.log on the GlobalProtect app? Failed to connect to server at port: 4767 A. The GlobalProtect app failed to connect to the GlobalProtect Portal on port 4767. B. The PanGPS process failed to connect to the PanGPA process on port...
Which three file types does WildFire inline ML analyze?
An administrator wants to enable WildFire inline machine learning. Which three file types does WildFire inline ML analyze? (Choose three.)A . APKB . VBscriptsC . MS OfficeD . ELFE . Powershell scriptsView AnswerAnswer: CDE
What would allow a network security administrator to authenticate and identify a user with a new BYOD-type device that is not joined to the corporate domain?
What would allow a network security administrator to authenticate and identify a user with a new BYOD-type device that is not joined to the corporate domain?A . a Security policy with "known-user” selected in the Source User fieldB . an Authentication policy with "known-user” selected in the Source User fieldC...
The end-user's browser will show that the certificate for www.example-website.com was issued by which of the following?
A firewall is configured with SSL Forward Proxy decryption and has the following four enterprise certificate authorities (Cas) i. Enterprise-Trusted-CA; which is verified as Forward Trust Certificate (The CA is also installed in the trusted store of the end-user browser and system) ii. Enterpnse-Untrusted-CA, which is verified as Forward Untrust...
What would allow a network security administrator to authenticate and identify a user with a new BYOD-type device that is not joined to the corporate domain'?
What would allow a network security administrator to authenticate and identify a user with a new BYOD-type device that is not joined to the corporate domain'?A . a Security policy with 'known-user" selected in the Source User fieldB . an Authentication policy with 'unknown' selected in the Source User fieldC...
What are three supported functions on the VWire interface?
An engineer wants to implement the Palo Alto Networks firewall in VWire mode on the internet gateway and wants to be sure of the functions that are supported on the vwire interface What are three supported functions on the VWire interface? (Choose three )A . NATB . QoSC . IPSecD...
Is the SE's advice correct and why or why not?
A organizations administrator has the funds available to purchase more firewalls to increase the organization's security posture. The partner SE recommends placing the firewalls as close as possible to the resources that they protect Is the SE's advice correct and why or why not?A . Yes Firewalls are session based...
Which User-ID mapping method should be used in a high-security environment where all IP address-to-user mappings should always be explicitly known?
Which User-ID mapping method should be used in a high-security environment where all IP address-to-user mappings should always be explicitly known?A . PAN-OS integrated User-ID agentB . LDAP Server Profile configurationC . GlobalProtectD . Windows-based User-ID agentView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/user-id/user-id-concepts/user-mapping/globalprotect.html Because GlobalProtect users must authenticate to gain access to...
When setting up a security profile which three items can you use? (Choose three)
When setting up a security profile which three items can you use? (Choose three)A . Wildfire analysisB . anti-ransom wareC . antivirusD . URL filteringE . decryption profileView AnswerAnswer: A,C,D Explanation: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-profiles
