Topic 1 : Main Questions pool
Which Captive Portal mode must be configured to support MFA authentication?
A.
NTLM
B.
Redirect
C.
Single Sign-On
D.
Transparent
Redirect
An administrator needs to determine why users onthe trust zone cannot reach certain websites. The only
information available is shown on the following image. Which configuration change should the administrator make?
A.
Option A
B.
Option B
C.
Option C
D.
Option D
E.
OptionE
Option B
An administrator wants multiple web servers in the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.22
Based on the information shown in the image, which NAT rule will forward web-browsing traffic correctly?
A.
Option A
B.
Option B
C.
Option C
D.
Option D
Option D
An administrator needs to upgrade an NGFW to the most current version of PAN-OS® software. The
following is occurring:
Firewall has Internet connectivity through e1/1.
•Default security rules and security rules allowing all SSL and web-browsing traffic to and from any zone.
•Service route is configured, sourcing update traffic from e1/1.
•A communication error appears in the System logs when updates are performed.
•Download does not complete.
What must be configured to enable the firewall to download the current version of PAN-OS software?
A.
DNS settings for the firewall to use for resolution
B.
scheduler for timed downloads of PAN-OS software
C.
static route pointing application PaloAlto-updates to the update servers
D.
Security policy ruleallowing PaloAlto-updates as the application
Security policy ruleallowing PaloAlto-updates as the application
In a virtual router, which object contains all potential routes?
A.
MIB
B.
RIB
C.
SIP
D.
FIB
RIB
Reference: https://www.google.com/url?
sa=t&rct=j&q=&esrc=s&source=web&cd=10&ved=0ahUKEwiOkbfYzPzXAhVnEJoKHcwVCg4QFghiMAk&url=https%2Flive.paloaltonetworks.com%2Ftwzvq79624%2Fattachments%2Ftwzvq79624%2Fdocumentation_tkb%2F487%2F1%2520Redistribution%2520and%2520Filtering%2520TechNote%2520-%2520Rev%
2520B.pdf&usg=AOvVaw0H9qgaJK0oI2xjIJBNo1Km
An administrator needs to optimize traffic to prefer business-criticalapplications over non-critical applications. QoS natively integrates with which feature to provide service quality?
A.
Port Inspection
B.
Certificate revocation
C.
Content-ID
D.
App-ID
App-ID
Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/quality-of-service/qos-for-applications-and-users
Which two options prevent the firewall from capturing traffic passing through it? (Choose two.)
A.
The firewall is in multi-vsys mode.
B.
The traffic is offloaded.
C.
The traffic does not match the packet capture filter.
D.
The firewall’s DP CPU is higher than 50%.
The traffic is offloaded.
The traffic does not match the packet capture filter.
Reference:
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/monitoring/take-packet-captures/disable-hardwareoffload
Which operation will impact the performanceof the management plane?
A.
WildFire Submissions
B.
DoS Protection
C.
decrypting SSL Sessions
D.
Generating a SaaS Application Report.
E.
Generating a SaaS Application Report.
decrypting SSL Sessions
Which CLI command enables an administrator to view details about the firewall including uptime, PAN-OS®version, and serial number?
A.
debug system details
B.
show session info
C.
show system info
D.
show system details
show system info
Reference:
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/pan-os-60/PAN-OS-6.0-
CLI-ref.pdf
An administrator has left a firewall to use the default port for all management services. Which three functions are performed by the dataplane?(Choose three.)
A.
WildFire updates
B.
NAT
C.
NTP
D.
antivirus
E.
File blocking
WildFire updates
NAT
NTP
Page 7 out of 28 Pages |
Previous |