The firewall identifies a popular application as an unknown-tcp.
Which two options are available to identify the application? (Choose two.)

A.

Create a custom application.

B.

Create a custom object for the custom application server to identify the custom application.

C.

Submit an Apple-ID request to Palo Alto Networks.

D.

Create a Security policy to identify the custom application.

Which CLI command enables an administrator to check the CPU utilization of the dataplane?

A.

show running resource-monitor

B.

debug data-plane dp-cpu

C.

show system resources

D.

debug running resources

The certificate information displayed in the following image is for which type of certificate?
Exhibit:

A.

Forward Trust certificate

B.

Self-Signed Root CA certificate

C.

Web Server certificate

D.

Public CA signed certificate

An administrator has configured the Palo Alto Networks NGFW’s management interface to connect to the internet through a dedicated path that does not traverse back through the NGFW itself.
Which configuration setting or step will allow the firewall to get automatic application signature updates?

A.

A scheduler will need to be configured for application signatures.

B.

A Security policy rule will need to be configured to allow the update requests from the firewall to the
update servers.

C.

A Threat Prevention license will need to be installed.

D.

A service route will need to be configured.

How would an administrator monitor/capture traffic on the managementinterface of the Palo Alto Networks NGFW?

A.

Use the debug dataplane packet-diag set capture stage firewall file command.

B.

Enable all four stages of traffic capture (TX, RX, DROP, Firewall).

C.

Use the debug dataplane packet-diag set capture stage management file command.

D.

Use the tcpdump command.

Which three authentication services can administrator use to authenticate admins into the Palo Alto Networks NGFW without defining a corresponding admin account on the local firewall? (Choose three.)

A.

Kerberos

B.

PAP

C.

SAML

D.

TACACS+

E.

RADIUS

F.

LDAP

If a template stack is assigned to a device and the stack includes three templates with overlapping settings, which settings are published to the device when the template stack is pushed?

A.

The settings assigned to the template that is on top of thestack.

B.

The administrator will be promoted to choose the settings for that chosen firewall.

C.

All the settings configured in all templates.

D.

Depending on the firewall location, Panorama decides with settings to send

During the packet flow process, which two processes are performed in application identification? (Choose two.)

A.

Pattern based application identification

B.

Application override policy match

C.

Application changed from content inspection

D.

Session application identified

Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS® software?

A.

Okta

B.

DUO

C.

RADIUS

D.

PingID

What is exchanged through the HA2 link?

A.

hello heartbeats

B.

User-ID information

C.

sessionsynchronization

D.

HA state information