How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?
A
Which CLI command enables an administrator to view details about the firewall, including uptime, PAN-OS version, and
serial number?
C
An administrator has left a firewall to use the default port for all management services. Which three functions are performed by the
dataplane? (Choose three.)
A C D
Remember that the inspection tasks are performed by the dataplane; therefore, it is in charge of the file blocking, NAT and antivirus threat tasks.
A client has a sensitive application server in their data center and is particularly concerned about resource exhaustion
because of distributed denial-of-service attacks.
How can the Palo Alto Networks NGFW be configured to specifically protect this server against resource exhaustion
originating from multiple IP addresses (DDoS attack)?
B
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/dos-protection-profiles-and-policy-rules/dos-protection-profiles#ida42d52fa-3366-4695-bb4a-d39ebf3b6a5f
A firewall administrator has been asked to configure a Palo Alto Networks NGFW to protect against compromised hosts
trying to phone home or beacon out to external command-and-control (C2) servers.
Which Security Profile type will prevent these behaviors?
D
Which administrative authentication method supports authorization by an external service?
B
Correct answer is A
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-authentication
What should an administrator consider when planning to revert Panorama to a pre-PAN-OS 8.1 version?
B
Which feature prevents the submission of corporate login information into website forms?
A
An administrator using an enterprise PKI needs to establish a unique chain of trust to ensure mutual authentication between
Panorama and the managed firewalls and Log Collectors. How would the administrator establish the chain of trust?
C
An administrator is using Panorama and multiple Palo Alto Networks NGFWs. After upgrading all devices to the latest PAN-OS
software, the administrator enables log forwarding from the firewalls to Panorama.
Pre-existing logs from the firewalls are not appearing in Panorama.
Which action would enable the firewalls to send their pre-existing logs to Panorama?
A
The firewall identified a popular application as unknown-tcp. Which options are available to identify the application?
(Choose two.)
B D
To allow an unknown application, you can do an application override or request the App-ID from Palo Alto, with the difference that it must be a commercial application and a packet capture of the traffic must be attached to recognize the app's patterns.
Which processing order will be enabled when a Panorama administrator selects the setting "Objects defined in ancestors will
take higher precedence"?
B
Which three file types can be forwarded to WildFire for analysis as part of the basic WildFire service?
B D E
When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security
policy with DNS sinkhole enabled, generating a traffic log.
What will be the destination IP address in that log entry?
C
Explanation:
https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Verify-DNS-Sinkhole-Function-is-Working/
An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs.
The administrator assigns priority 100 to the active firewall. Which priority is correct for the passive firewall?
D