When Network Address Translation has been performed on traffic, Destination Zones in Security rules should be based on:
When Network Address Translation has been performed on traffic, Destination Zones in Security rules should be based on:A . Post-NAT addressesB . The same zones used in the NAT rulesC . Pre-NAT addressesD . None of the aboveView AnswerAnswer: A
Which three engines are built into the Single-Pass Parallel Processing Architecture? Choose 3 answers
Which three engines are built into the Single-Pass Parallel Processing Architecture? Choose 3 answersA . Application Identification (App-ID)B . Group Identification (Group-ID)C . User Identification (User-ID)D . Threat Identification (Threat-ID)E . Content Identification (Content-ID)View AnswerAnswer: A, C, E Explanation: Reference: https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/whitepapers/single-pass-parallel-processing-architecture.pdf page 5
Enabling "Highlight Unsused Rules" in the Security policy window will:
Enabling "Highlight Unsused Rules" in the Security policy window will:A . Hightlight all rules that did not immmediately match traffic.B . Hightlight all rules that did not match traffic since the rule was created or since last reboot of the firewallC . Allows the administrator to troubleshoot rules when a...
Subsequent to the installation of new licenses, the firewall must be rebooted
Subsequent to the installation of new licenses, the firewall must be rebootedA . TrueB . FalseView AnswerAnswer: B
Which two steps are required to make Microsoft Active Directory users appear in the firewall’s traffic log? Choose 2 answers
Which two steps are required to make Microsoft Active Directory users appear in the firewall’s traffic log? Choose 2 answersA . Enable User-ID on the zone object for the source zone.B . Enable User-ID on the zone object for the destination zone.C . Configure a RADIUS server profile to point...
Which interface configuration change should be applied to ethernet1/6 to allow the two hosts to communicate based on this information?
A Palo Alto Networks firewall has the following interface configuration; Hosts are directly connected on the following interfaces: Ethernet 1/6 - Host IP 192.168.62.2 Ethernet 1/3 - Host IP 10.46.40.63 The security administrator is investigating why ICMP traffic between the hosts is not working. She first ensures that ail traffic...
Which policy type should be configured on Panorama if the administrator wishes to allow local administrators at the branch office sites to override these policies?
A network administrator uses Panorama to push security policies to managed firewalls at branch offices. Which policy type should be configured on Panorama if the administrator wishes to allow local administrators at the branch office sites to override these policies?A . Implicit RulesB . Post RulesC . Default RulesD ....
WildFire Analysis Reports are available for the following Operating Systems (select all that apply)
WildFire Analysis Reports are available for the following Operating Systems (select all that apply)A . Windows XPB . Windows 7C . Windows 8D . Mac OS-XView AnswerAnswer: A,B,C
Which firewall will be in the "Active" state after firewall 5050-B has completed its reboot and is back online?
Two firewalls are configured in an Active/Passive High Availability (HA) pair with the following election settings: Firewall 5050-B is presently in the "Active" state and 5050-A is presently in the "Passive" state. Firewall 5050B reboots causing 5050-A to become Active. Which firewall will be in the "Active" state after firewall...
Wildfire may be used for identifying which of the following types of traffic?
Wildfire may be used for identifying which of the following types of traffic?A . MalwareB . DNSC . DHCPD . URL ContentView AnswerAnswer: A