Which component of the integrated Palo Alto Networks security solution limits network-attached workstation access to a corporate
... [Show More] mainframe?
next-generation firewall
Which Palo Alto Networks product is designed primarily to provide threat context with deeper information about attacks?
AutoFocus
Which Palo Alto Networks product is designed primarily to provide normalization of threat intelligence feeds with the potential for automated resopnse?
MineMeld
Which Palo Alto Networks product is designed primarily to prevent endpoints from successfully running malware programs?
Traps
The Palo Alto Networks Cortex Data Lake can accept logging from which two products?
Traps
Next-generation firewalls
Which Palo Alto Networks product is a cloud-based storage service designed to hold log information?
Cortex Data Lake
Which product is an example of an application designed to analyze Cortex Data Lake information?
Cortex XDR- Analytics
A potential customer says it wants to maximize the threat detection capability of its next-generation firewall. Which three additional services should it consider implementing to enhance its firewall's capability to detect threats?
WildFire
URL Filtering
DNS Security
A VM-Series firewall differs from a physical Palo Alto Networks firewall in which way?
A VM-Series firewall supports fewer traffic interface types
Which product would best secure east-west traffic within a public cloud implementation?
VM-Series firewall
Why would you recommend an active/active firewall cluster instead of an active/passive firewall cluster?
Active/active is the preferred solution when the firewall cluster is behind a load balancer that randomizes routing, thus requiring both firewalls to be active
Which two events can trigger an HA pair failover event?
1. An HA cable is disconnected from one of the firewalls
2. The firewall fails to ping a path-monitored destination address successfully
Which two firewall features support floating IP addresses in an active/active HA Pair?
1. Source NAT
2. VPN Endpoints
How are firewalls configurations in an active/passive HA pair synchronized if the firewalls are not under Panorama control?
An administrator commits the change to one, which automatically synchronizes with the other
In which two ways is an active/passive HA pair configured in virtual firewalls deployed in any public clouds?
1. The virtual firewalls are deployed in a cloud "scale set" with a cloud-supplied load balancer in front to detect and manage failover
2. The virtual firewalls rely on a VM-Series plugin to map appropriate cloud functions to the firewall's HA settings
Without having to make network address configuration changes, you would use which type of network interface to insert a Palo Alto Networks firewall in front of a legacy port-based firewall to collect application information from incoming network traffic?
virtual wire (vWire)
Which type of interface do you use to connect Layer 2 and Layer 3 interfaces?
VLAN interface
Which three types of interfaces can the firewall's management web interface be bound to?
1. VLAN
2. Tunnel
3. Layer 3
Which three types of interfaces connect to a virtual router?
1. VLAN
2. Tunnel
3. Layer 3
Which dynamic routing protocol is not supported by the Palo Alto Networks firewall?
IGRP
Which action is not compatible with aggregate interface configuration?
aggregating 12 Layer 3 interfaces
In a Panorama environment, how do you create and view enterprise-wide reports that include data from all managed firewalls?
Run Panorama reports normally. Firewall summary reporting information is gathered automatically once the firewalls are managed by Panorama
What must you configure to guarantee duplication of log data on Log Collectors?
Log Collector settings to include "Enable log redundancy"
Which three devices can be used as Log Collectors?
1. Virtual Panorama
2. M-600
3. M-200
True/False
Both Panoramas collect independent logging traffic and are not affected by failover.
True
True/False
Both Panoramas receive the same logging traffic and synchronize in case of HA failover.
False
How are log retention periods on Palo Alto Networks firewalls increased?
Forward logs to external Log Collectors
How do you access, and view firewall log data sent to the Cortex Data Lake?
Through Panorama using a Log Collector configuration for access
Log retention is increased when a Dedicated Log Collector is used to collect logs from firewalls in which two ways?
1. Adding storage capacity to the Log Collector
2. Adding Log Collectors to the Log Collector group
The Security policy for all of a customer's remote offices is the same, but different offices have different firewall models. If the remote offices are managed by Panorama, how might the offices share device groups and templates?
Same device group, different template stacks [Show Less]