How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?
A
Which CLI command enables an administrator to view detail about the firewall including uptime. PAN -OS version, and
serial number?
C
An administrator has left a firewall to used default port for all management services. Which three function performed by the
dataplane? (Choose three.)
A C D
A client has a sensitive application server in their data center and is particularly concerned about resource exhaustion
because of distributed denial-of-service attacks.
How can the Palo Alto Networks NGFW be configured to specifically protect tins server against resource exhaustion
originating from multiple IP address (DDoS attack)?
B
A firewall administrator has been asked to configure a Palo Alto Networks NGFW to prevent against compromised hosts
trying to phone-number or bacon out to eternal command-and-control (C2) servers.
Which Security Profile type will prevent these behaviors?
D
Which administrative authentication method supports authorization by an external service?
B
What should an administrator consider when planning to revert Panorama to a pre-PAN-OS 8.1 version?
B
Which feature prevents the submission of corporate login information into website forms?
A
An administrator using an enterprise PKI needs to establish a unique chain of trust to ensure mutual authentication between
panorama and the managed firewall and Log Collectors. How would the administrator establish the chain of trust?
C
An administrator is using Panorama and multiple Palo Alto Networks NGFWs. After upgrading all devices to the latest PAN-
OS software, the administrator enables logs forwarding from the firewalls to panorama
Pre-existing logs from the firewall are not appearing in Panorama.
Which action would enables the firewalls to send their preexisting logs to Panorama?
A
The firewall identified a popular application as a unknown-tcp. Which options are available to identify the application?
(Choose two.)
B D
Which processing order will be enabled when a panorama administrator selects the setting "Objects defined in ancestors will
takes higher precedence?
B
Which three file types can be forward to WildMFire for analysis a part of the basic WildMFire service?
B D E
When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security
policy with DNS sinhole enabled, generating a traffic log.
What will be the destination IP Address in that log entry?
C
Explanation:
https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Verify-DNS-Sinkhole-Function-is-Working/
An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs.
The administrator assigns priority 100 to the active firewall. Which priority is collect tot the passive firewall?
D