When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?
An administrator is configuring a NAT rule.
At a minimum, which three forms of information are required? (Choose three.)
Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP-to-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufacturers.
Given the scenario, choose the option for sending IP-to-user mappings to the NGFW.
Which two features can be used to tag a user name so that it is included in a dynamic user group? (Choose two)
Which table for NAT and NPTv6 (IPv6-to-IPv6 Network Prefix Translation) settings is available only on Panorama?
An administrator needs to allow users to use only certain email applications.
How should the administrator configure the firewall to restrict users to specific email applications?
Where does a user assign a tag group to a policy rule in the policy creation window?
Which setting is available to edit when a tag is created on the local firewall?
Which two Palo Alto Networks security management tools provide a consolidated creation of policies, centralized management and centralized threat intelligence? (Choose two.)
Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?
You receive notification about a new malware that infects hosts. An infection results in the infected host attempting to contact a command-and-control server. Which Security Profile, when applied to outbound Security policy rules, detects and prevents this threat from establishing a command-and-control connection?
How does the Policy Optimizer policy view differ from the Security policy view?
Based on the network diagram provided, which two statements apply to traffic between the User and Server networks? (Choose two.)
Which definition describes the guiding principle of the zero-trust architecture?
An administrator creates a new Security policy rule to allow DNS traffic from the LAN to the DMZ zones. The administrator does not change the rule type from its default value.
What type of Security policy rule is created?
What do you configure if you want to set up a group of objects based on their ports alone?
What is considered best practice with regards to committing configuration changes?
In the PAN-OS Web Interface, which is a session distribution method offered under NAT Translated Packet Tab to choose how the firewall assigns sessions?
How are Application Filters or Application Groups used in firewall policy?
Which System log severity level would be displayed as a result of a user password change?
Which two rule types allow the administrator to modify the destination zone? (Choose two.)
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base.
On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days.
Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
An administrator is reviewing another administrator's Security policy log settings.
Which log setting configuration is consistent with best practices for normal traffic?
What are the two default behaviors for the intrazone-default policy? (Choose two.)
View the diagram. What is the most restrictive, yet fully functional rule, to allow general Internet and SSH traffic into both the DMZ and Untrust/Internet zones from each of the IoT/Guest and Trust Zones?
A)
B)
C)
D)
Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Order the steps needed to create a new security zone with a Palo Alto Networks firewall.
What is a recommended consideration when deploying content updates to the firewall from Panorama?
Which Palo Alto network security operating platform component provides consolidated policy creation and centralized management?
An administrator wants to reference the same address object in Security policies on 100 Panorama managed firewalls, across 10 device groups and five templates.
Which configuration action should the administrator take when creating the address object?
Based on the security policy rules shown, ssh will be allowed on which port?
A systems administrator momentarily loses track of which is the test environment firewall and which is the production firewall. The administrator makes changes to the candidate configuration of the production firewall, but does not commit the changes. In addition, the configuration was not saved prior to making the changes.
Which action will allow the administrator to undo the changes?
What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?
Starting with PAN-OS version 9.1, application dependency information is now reported in which two locations? (Choose two.)
Which firewall feature do you need to configure to query Palo Alto Networks service updates over a data-plane interface instead of the management interface?
An administrator would like to override the default deny action for a given application and instead would like to block the traffic and send the ICMP code "communication with the destination is administratively prohibited".
Which security policy action causes this?
Which license is required to use the Palo Alto Networks built-in IP address EDLs?
Which feature enables an administrator to review the Security policy rule base for unused rules?
Which three filter columns are available when setting up an Application Filter? (Choose three.)
Which type of administrative role must you assign to a firewall administrator account, if the account must include a custom set of firewall permissions?
Which two components are utilized within the Single-Pass Parallel Processing architecture on a Palo Alto Networks Firewall? (Choose two.)
What is a default setting for NAT Translated Packets when the destination NAT translation is selected as Dynamic IP (with session distribution)?
What are the two main reasons a custom application is created? (Choose two.)
A server-admin in the USERS-zone requires SSH-access to all possible servers in all current and future Public Cloud environments. All other required connections have already been enabled between the USERS- and the OUTSIDE-zone. What configuration-changes should the Firewall-admin make?
The CFO found a malware-infected USB drive in the parking lot, which, when inserted, infected their corporate laptop. The malware contacted a known command-and-control server, which exfiltrated corporate data.
Which Security profile feature could have been used to prevent the communications with the command-and-control server?
During the packet flow process, which two processes are performed in application identification? (Choose two.)
Review the Screenshot:
Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only.
Which rule group enables the required traffic?
A)
B)
C)
D)
An administrator wants to enable access to www.paloaltonetworks.com while denying access to all other sites in the same category.
Which object should the administrator create to use as a match condition for the security policy rule that allows access to www.paloaltonetworks.com?
Which path is used to save and load a configuration with a Palo Alto Networks firewall?
The Palo Alto Networks NGFW was configured with a single virtual router named VR-1. What changes are required on VR-1 to route traffic between two interfaces on the NGFW?
URL categories can be used as match criteria on which two policy types? (Choose two.)
A website is unexpectedly allowed due to miscategorization.
What are two ways to resolve this issue for a proper response? (Choose two.)
Within a WildFire Analysis Profile, what match criteria can be defined to forward samples for analysis?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Prior to a maintenance-window activity, the administrator would like to make a backup of only the running configuration to an external location.
What command in Device > Setup > Operations would provide the most operationally efficient way to achieve this outcome?
Which two statements are true for the DNS security service introduced in PAN-OS version 10.0?
In which section of the PAN-OS GUI does an administrator configure URL Filtering profiles?
Which administrative management services can be configured to access a management interface?
Which administrator type utilizes predefined roles for a local administrator account?
Which Security profile would you apply to identify infected hosts on the protected network uwall user database?
Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?
Which built-in IP address EDL would be useful for preventing traffic from IP addresses that are verified as unsafe based on WildFire analysis Unit 42 research and data gathered from telemetry?
Which profile should be used to obtain a verdict regarding analyzed files?
An administrator is investigating a log entry for a session that is allowed and has the end reason of aged-out. Which two fields could help in determining if this is normal? (Choose two.)
An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?
Which Security profile must be added to Security policies to enable DNS Signatures to be checked?
Which type of firewall configuration contains in-progress configuration changes?
Selecting the option to revert firewall changes will replace what settings?
After making multiple changes to the candidate configuration of a firewall, the administrator would like to start over with a candidate configuration that matches the running configuration.
Which command in Device > Setup > Operations would provide the most operationally efficient way to accomplish this?
What are three valid source or destination conditions available as Security policy qualifiers? (Choose three.)
Which path in PAN-OS 10.2 is used to schedule a content update to managed devices using Panorama?
Which two security profile types can be attached to a security policy? (Choose two.)
Based on the graphic, what is the purpose of the SSL/TLS Service profile configuration option?
Which three types of Source NAT are available to users inside a NGFW? (Choose three.)
What are three characteristics of the Palo Alto Networks DNS Security service? (Choose three.)
Which User Credential Detection method should be applied within a URL Filtering Security profile to check for the submission of a valid corporate username and the associated password?
Which information is included in device state other than the local configuration?
Where in the PAN-OS GUI can an administrator monitor the rule usage for a specified period of time?
A network administrator created an intrazone Security policy rule on the firewall. The source zones were set to IT, Finance, and HR.
Which two types of traffic will the rule apply to? (Choose two)
By default, what is the maximum number of templates that can be added to a template stack?
Which two firewall components enable you to configure SYN flood protection thresholds? (Choose two.)
Which action results in the firewall blocking network traffic without notifying the sender?
An administrator is troubleshooting an issue with traffic that matches the intrazone-default rule, which is set to default configuration.
What should the administrator do?
Which license must an administrator acquire prior to downloading Antivirus updates for use with the firewall?
An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone. The administrator does not want to allow traffic between the DMZ and LAN zones.
Which Security policy rule type should they use?