NEW QUESTION 1
How does Panorama prompt VMWare NSX to quarantine an infected VM?

• A. HTTP Server Profile
• B. Syslog Server Profile
• C. Email Server Profile
• D. SNMP Server Profile

Answer: A

NEW QUESTION 2
An administrator is using Panorama and multiple Palo Alto Networks NGFWs. After upgrading all
devices to the latest PAN-OS® software, the administrator enables log forwarding from the firewalls to Panorama. Pre-existing logs from the firewalls are not appearing in PanoramA.
Which action would enable the firewalls to send their pre-existing logs to Panorama?

• A. Use the import option to pull logs into Panorama.
• B. A CLI command will forward the pre-existing logs to Panorama.
• C. Use the ACC to consolidate pre-existing logs.
• D. The log database will need to exported form the firewalls and manually imported into Panorama.

Answer: B

NEW QUESTION 3
Which User-ID method maps IP addresses to usernames for users connecting through an 802.1x- enabled wireless network device that has no native integration with PAN-OS® software?

• A. XML API
• B. Port Mapping
• C. Client Probing
• D. Server Monitoring

Answer: A

Explanation: Captive Portal and the other standard user mapping methods might not work for certain types of user access. For example, the standard methods cannot add mappings of users connecting from a
third-party VPN solution or users connecting to a 802.1x-enabled wireless network. For such cases, you can use the PAN-OS XML API to capture login events and send them to the PAN-OS integrated User-ID agent Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/user-id/user-id-concepts

NEW QUESTION 4
What are three valid actions in a File Blocking Profile? (Choose three)

• A. Forward
• B. Block
• C. Alret
• D. Upload
• E. Reset-both
• F. Continue

Answer: ABC

Explanation: https://live.paloaltonetworksHYPERLINK "https://live.paloaltonetworks.com/t5/Configuration-Articles/File-Blocking-Rulebase-and-Action-Precedence/ta-p/53623".com/t5/Configuration- ArticHYPERLINK "https://live.paloaltonetworks.com/t5/Configuration-Articles/File-Blocking-Rulebase-and-Action-Precedence/ta-p/53623"les/File-Blocking-RulebHYPERLINK "https://live.paloaltonetworks.com/t5/Configuration-Articles/File-Blocking-Rulebase-and-Action-Precedence/ta-p/53623"ase-and-Action-Precedence/ta-p/53623

NEW QUESTION 5
To connect the Palo Alto Networks firewall to AutoFocus, which setting must be enabled?

• A. Device>Setup>Services>AutoFocus
• B. Device> Setup>Management >AutoFocus
• C. AutoFocus is enabled by default on the Palo Alto Networks NGFW
• D. Device>Setup>WildFire>AutoFocus
• E. Device>Setup> Management> Logging and Reporting Settings

Answer: B

Explanation: Reference: https://www.paloaHYPERLINK
"https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence"ltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence

NEW QUESTION 6
Which three file types can be forwarded to WildFire for analysis as a part of the basic WildFire service? (Choose three.)

• A. dll
• B. exe
• C. src
• D. apk
• E. pdf
• F. jar

Answer: DEF

Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/wildfire/wf_admin/wildfire-overview/wildfire-file-type-support

NEW QUESTION 7
Which three settings are defined within the Templates object of Panorama? (Choose three.)

• A. Setup
• B. Virtual Routers
• C. Interfaces
• D. Security
• E. Application Override

Answer: ADE

NEW QUESTION 8
A network security engineer has a requirement to allow an external server to access an internal web server. The internal web server must also initiate connections with the external server.
What can be done to simplify the NAT policy?

• A. Configure ECMP to handle matching NAT traffic
• B. Configure a NAT Policy rule with Dynamic IP and Port
• C. Create a new Source NAT Policy rule that matches the existing traffic and enable the Bi-directional option
• D. Create a new Destination NAT Policy rule that matches the existing traffic and enable the Bi- directional option

Answer: C

Explanation: https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/networking/nat-configuration-examples

NEW QUESTION 9
Which two features does PAN-OS® software use to identify applications? (Choose two)

• A. port number
• B. session number
• C. transaction characteristics
• D. application layer payload

Answer: CD

NEW QUESTION 10
DRAG DROP
When using the predefined default profile, the policy will inspect for viruses on the decoders. Match each decoder with its default action.
Answer options may be used more than once or not at all.

Answer:

Explanation:

NEW QUESTION 11
Which two interface types can be used when configuring GlobalProtect Portal?(Choose two)

• A. Virtual Wire
• B. Loopback
• C. Layer 3
• D. Tunnel

Answer: BC

NEW QUESTION 12
The GlobalProtect Portal interface and IP address have been configured. Which other value needs to be defined to complete the network settings configuration of GlobalPortect Portal?

• A. Server Certificate
• B. Client Certificate
• C. Authentication Profile
• D. Certificate Profile

Answer: A

Explanation: (https://live.paloaltonetworks.HYPERLINK "https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-GlobalProtect/ta-p/58351"com/t5/Configuration-Articles/How-to- Configure-GlobalProtect/ta-p/58351)

NEW QUESTION 13
A Security policy rule is configured with a Vulnerability Protection Profile and an action of ‘Deny”. Which action will this cause configuration on the matched traffic?

• A. The configuration is invali
• B. The Profile Settings section will be grayed out when the Action is set to “Deny”.
• C. The configuration will allow the matched session unless a vulnerability signature is detecte
• D. The “Deny” action will supersede theper-severity defined actions defined in the associated Vulnerability Protection Profile.
• E. The configuration is invali
• F. It will cause the firewall to skip this Security policy rul
• G. A warning will be displayed during a commit.
• H. The configuration is vali
• I. It will cause the firewall to deny the matched session
• J. Any configured Security Profiles have no effect ifthe Security policy rule action is set to “Deny.”

Answer: B

NEW QUESTION 14
An administrator has configured a QoS policy rule and a QoS profile that limits the maximum allowable bandwidth for the YouTube application. However , YouTube is consuming more than the maximum bandwidth allotment configured.
Which configuration step needs to be configured to enable QoS?

• A. Enable QoS Data Filtering Profile
• B. Enable QoS monitor
• C. Enable Qos interface
• D. Enable Qos in the interface Management Profile.

Answer: C

NEW QUESTION 15
Which command can be used to validate a Captive Portal policy?

• A. eval captive-portal policy <criteria>
• B. request cp-policy-eval <criteria>
• C. test cp-policy-match <criteria>
• D. debug cp-policy <criteria>

Answer: C

NEW QUESTION 16
A company.com wants to enable Application Override. Given the following screenshot:

Which two statements are true if Source and Destination traffic match the Application Override policy? (Choose two)

• A. Traffic that matches "rtp-base" will bypass the App-ID and Content-ID engines.
• B. Traffic will be forced to operate over UDP Port 16384.
• C. Traffic utilizing UDP Port 16384 will now be identified as "rtp-base".
• D. Traffic utilizing UDP Port 16384 will bypass the App-ID and Content-ID engines.

Answer: AC