- Email support@dumps4free.com
Topic 1 : Main Questions pool
VPN traffic intended for an administrator’s Palo Alto Networks NGFW is being maliciously intercepted and
retransmitted by the interceptor. When creating a VPN tunnel, which protection profile can be enabled to prevent this malicious behavior?
A.
Zone Protection
B.
DoS Protection
C.
Web Application
D.
Replay
Zone Protection
An administrator has been asked to create 100 virtual firewalls in a local, on-premise lab environment (not in“the cloud”). Bootstrapping is the most expedient way to perform this task.
Which option describes deployment of a bootstrap package in an on-premise virtual environment?
A.
Use config-drive on a USB stick.
B.
Use an S3 bucket with an ISO.
C.
Create and attach a virtual hard disk (VHD).
D.
Use a virtual CD-ROM with an ISO.
Use a virtual CD-ROM with an ISO.
Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/newfeaturesguide/management-features/bootstrappingfirewalls-
for-rapid-deployment.html
A customer has an applicationthat is being identified as unknown-top for one of their custom PostgreSQL
database connections. Which two configuration options can be used to correctly categorize their custom
database application? (Choose two.)
A.
Application Override policy.
B.
Securitypolicy to identify the custom application.
C.
Custom application.
D.
Custom Service object.
Securitypolicy to identify the custom application.
Custom Service object.
The firewall determines if a packet is the first packet of a new session or if a packet is part of an existing
session using which kind of match?
A.
5-tuple match
B.
Source IP Address, Destination IP Address, Source Port, Destination Port, Protocol
C.
7-tuple match
D.
Source IP Address, Destination IP Address, Source Port, Destination Port ,Source User, URLCategory
and Source Security Zone.
E.
6-tuple match
Source IP Address, Destination IP Address, Source Port, Destination Port, Protocol and Source Security
Zone
F.
9-tuple match
G.
Source IP Address, Destination IP Address, Source Port, Destination Port, Source User, Source Security
Zone, Destination Security Zone, Application and URL Category
5-tuple match
Which processing order will be enabled when a Panorama administrator selects the setting “Objects defined in ancestors will take higher precedence?”
A.
Descendant objects will take precedence over other descendant objects.
B.
Descendant objects will take precedence over ancestor objects.
C.
Ancestor objects will have precedence over descendant objects.
D.
Ancestor objects will have precedence over other ancestor objects.
Ancestor objects will have precedence over descendant objects.
Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/device/device-setup-management
| Page 10 out of 55 Pages |
| Previous |