PCNSE Exam Questions

Total 271 Questions

Last Updated Exam : 16-Dec-2024

Topic 1 : Main Questions pool

If the firewall has the link monitoring configuration, what will cause a failover?

A. ethernet1/3 and ethernet1/6 going down
B. ethernet1/3 going down
C. ethernet1/3 or ethernet1/6 going down
D. ethernet1/6 going down

A. ethernet1/3 and ethernet1/6 going down



An administrator just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user’s knowledge.
What is the expected verdict from WildFire?

A. Grayware
B. Malware
C. Spyware
D. Phishing

A. Grayware



View the GlobalProtect configuration screen capture.

What is the purpose of this configuration?

A. It configures the tunnel address of all internal clients to an IP address range starting at 192.168.10.1.
B. It forces an internal client to connect to an internal gateway at IP address 192.168.10.1.
C. It enables a client to perform a reverse DNS lookup on 192.168.10.1 to detect that it is an internal client.
D. It forces the firewall to perform a dynamic DNS update, which adds the internal gateway’s hostname and IP address to the DNS server.

C. It enables a client to perform a reverse DNS lookup on 192.168.10.1 to detect that it is an internal client.



Reference:
https://www.paloaltonetworks.com/documentation/80/globalprotect/globalprotect-admin-guide/globalprotect-portals/definethe-globalprotect-client-authentication-configurations/define-the-globalprotect-agent-configurations

An administrator encountered problems with inbound decryption. Which option should the administrator investigate as part of triage?

A. Security policy rule allowing SSL to the target server
B. Firewall connectivity to a CRL
C. Root certificate imported into the firewall with “Trust” enabled
D. Importation of a certificate from an HSM

A. Security policy rule allowing SSL to the target server



Reference:
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/decryption/configure-ssl-inbound-inspection

A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com.
How can the firewall be configured to automatically disable the PBF rule if the next hop goes down?

A. Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
B. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
C. Enable and configure a Link Monitoring Profile for the external interface of the firewall.
D. Configure path monitoring for the next hop gateway on the default route in the virtual router.

C. Enable and configure a Link Monitoring Profile for the external interface of the firewall.



Where can an administrator see both the management plane and data plane CPU utilization in the WebUI?

A. System log
B. CPU Utilization widget
C. Resources widget
D. System Utilization log

C. Resources widget



What are the differences between using a service versus using an application for Security Policy match?

A. Use of a "service" enables the firewall to take action after enough packets allow for App-ID identification.
B. Use of a "service" enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an "application" allows the firewall to take action after enough packets allow for App-ID identification regardless of the ports being used.
C. There are no differences between "service" or "application". Use of an "application" simplifies configuration by allowing use of a friendly application name instead of port numbers.
D. Use of a "service" enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an "application" allows the firewall to take immediate action if the port being used is a member of the application standard port list.

B. Use of a "service" enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an "application" allows the firewall to take action after enough packets allow for App-ID identification regardless of the ports being used.



Refer to the exhibit.

Which will be the egress interface if the traffic’s ingress interface is ethernet1/7 sourcing from 192.168.111.3 and to the destination 10.46.41.113?

A. ethernet1/6
B. ethernet1/3
C. ethernet1/7
D. ethernet1/5

D. ethernet1/5



Which log file can be used to identify SSL decryption failures?

A. Configuration
B. Threats
C. ACC
D. Traffic

C. ACC



In High Availability, which information is transferred via the HA data link?

A. session information
B. heartbeats
C. HA state information
D. User-ID information

A. session information



Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/high-availability/ha-links-and-backup-links

