JP Team net

When adding a Zero Touch Provisioning (ZTP) firewall to Panorama, when can the firewall be powered on?. A. After activating registration and completing license deployment profile. B. After all required installation and setup procedures are completed. C. During license activation. D. During installation.

In which security profile is credential phishing prevention implemented?. A. Antivirus. B. URL Filtering. C. Anti-spyware. D. Vulnerability Protection.

In which order does an NGFW process URL categories for Security policy?. asa. asa. jj. nn.

How does PAN-OS identify App-IDs to perform application-layer inspection?. A. From periodic updates that categorize web traffic based on domain names, focusing on web-browsing activities. B. From inspection of SSL certificates, cloud-based metadata, and manual application classification by the administrator. C. From predefined static rules based on IP addresses and ports configured by the administrator. D. From multiple classification mechanisms—application signatures, application protocol decoding, and heuristics.

Which two content updates can be pushed to NGFWs from Panorama? (Choose two.). A. Advanced URL Filtering. B. GlobalProtect data file. C. Applications and threats. D. WildFire.

Which two modes should be enabled on the GlobalProtect agent to allow a subset of users to connect directly to SaaS and Tunnel and internal applications while allowing the remaining users to connect through third-party VPN? (Choose two.). A. Tunnel. B. Clientless. C. Remote desktop protocol (RDP). D. Proxy.

By default, how often are signatures updated for firewalls with Advanced WildFire?. A. In real time. B. Within 5-10 minutes. C. Within 24—46 hours. D. Once a week.

Which security profile provides real-time protection against threat actors who exploit the misconfigurations of DNS infrastructure and redirect traffic to malicious domains?. A. URL Filtering. B. Vulnerability Protection. C. Antivirus. D. Antispyware.

Which two tools can be used to configure Cloud NGFWs for AWS? (Choose two.). aa. sss.

Which two tools can be used to configure Cloud NGFWs for AWS? (Choose two.). A. Panorama. B. Cortex XSIAM. C. Prisma Cloud management console. D. Cloud service provider (CSP) management console.

Why would a packet be processed through the slow path on an NGFW?. bb. vv.

Why would a packet be processed through the slow path on an NGFW?. A. |t only needs basic NAT and Security policy enforcement. B. |t does not require application identification or user identification. C. Iti s part of a new or unestablished session. D. It is part of an already established session.

Which GlobalProtect configuration is recommended for granular security enforcement of remote user device posture?. A. Configuring host information profile (HIP) checks for all mobile users. B. Applying log at session end to all GlobalProtect Security policies. C. Configuring a rule that blocks the ability of users to disable GlobalProtect while accessing internal applications. D. Implementing multi-factor authentication (MFA) for all users attempting to access internal applications.

Where does an administrator update the collection of infected hosts in Strata Cloud Manager (SCM) when isolating an identified endpoint from a network?. A. Actions. B. Quarantine devices. C. Host information profile. D. Quarantined device list.

Which step is necessary to ensure an organization is using the inline cloud analysis features in its Advanced Threat Prevention subscription?. A. Update or create a new Anti-spyware security profile and enable the appropriate local deep learning models. B. Enable SSL decryption in Security policies to inspect and analyze encrypted traffic for threats. C. Configure Advanced Threat Prevention profiles with default settings and only focus on high-risk traffic to avoid affecting network performance. D. Disable anti-spyware to avoid performance impacts and rely solely on external threat intelligence.

In which order is Prisma SD-WAN dynamic path selection performed?. bbbb. hnnn.

How does a firewall behave when SSL Inbound Inspection is enabled?. A. It decrypts traffic between the client and the external server. B. It decrypts inbound and outbound SSH connections. C. It acts transparently between the client and the internal server. D. It acts as meddler-in-the-middle between the client and the internal server.

Which two components of a Security policy, when configured, allow third-party contractors access to internal applications outside business hours? (Choose two.). A. App-ID. B. Service. C. User-ID. D. Schedule.

Which subscription sends non-file format-based traffic that matches Data Filtering profile criteria to a cloud service to render a verdict?. A. Advanced WildFire. B. Advanced URL Filtering. C. Enterprise DLP. D. Saas Security Inline.

When a rule has been set up to block uploading all Portable Executable (PE) files, which type of log will display blocked files that attempt to traverse the network?. A. Traffic. B. Threat. C. Data filtering. D. URL filtering.

How does Strata Logging Service help resolve ever-increasing log retention needs for a company using Prisma Access?. A. It can scale to meet the capacity needs of new locations as business grows. B. It increases resilience due to decentralized collection and storage of logs. C. Log traffic using the licensed bandwidth purchased for Prisma Access reduces overhead. D. Automatic selection of physical data storage regions decreases adoption time.

A cloud security architect is designing a certificate management strategy for Strata Cloud Manager (SCM) across hybrid environments. Which practice ensures optimal security with low management overhead?. A. Configure manual certificate deployment with quarterly reviews and environment-specific security protocols. B. Implement separate certificate authorities with independent validation rules for each cloud environment. C. Deploy centralized certificate automation with standardized protocols and continuous monitoring. D. Use cloud provider default certificates with scheduled synchronization and localized renewal processes.

Which NGFW tool should be reviewed when a management team wants feedback on how to reduce the attack surface of their network security deployment and how it maps to the Center for Internet Security (CIS) Critical Security Controls?. A. Command Center. B. Policy Optimizer. C. Executive summary report. D. Best Practice Assessment (BPA).

A primary firewall in a high availability (HA) pair is experiencing a current failover issue with ICMP pings to a secondary device. Which metric should be reviewed for proper ICMP pings between the firewall pair?. A. Heartbeat polling. B. Non-functional state. C. Link monitoring. D. Bidirectional Forwarding Detection (BFD).

When a firewall acts as an application-level gateway (ALG), what does it require in order to establish a connection?. A. Payload. B. Session Initiation Protocol (SIP). C. Dynamic IP and Port (DIPP). D. Pinholes.

Within which security profile is the DNS sinkholing action enabled?. A. DoS Protection. B. Antivirus. C. File Blocking. D. Anti-spyware.

Which two frameworks are compared in the Compliance Summary dashboard of Strata Cloud Manager (SCM)? (Choose two.). nn. bb.

Which two frameworks are compared in the Compliance Summary dashboard of Strata Cloud Manager (SCM)? (Choose two.). A. GDPR. B. PCI-DSS. C. NIST. D. CIS.

Which two features are supported when using traffic steering rules for remote network deployment on Prisma Access? (Choose two.). A. Bidirectional Forwarding Detection (BFD). B. Dynamic Address Group. C. Remote desktop protocol (RDP). D. External dynamic list.

Which two features can a network administrator use to troubleshoot the issue of a Prisma Access mobile user who is unable to access SaaS applications? (Choose two.). A. Autonomous Digital Experience Manager (ADEM) console. B. Capacity Analyzer. C. GlobalProtect logs. D. SaaS Application Risk Portal.

An administrator wants to implement additional Cloud-Delivered Security Services (CDSS) on a data center NGFW that already has one enabled. What benefit does the NGFW's single-pass parallel processing (SP3) architecture provide?. A. There will be only a minor reduction in performance. B. It allows for traffic inspection at the application level. C.There will be no additional performance degradation. D. It allows additional security inspection devices to be added inline.

Which zone is available for use in Prisma Access?. A. Interzone. B. Intrazone. C. DMZ. D. Clientless VPN.

A Prisma Access administrator wants to attach the same set of Security policies to each new rule created. How can the administrator automate the profiles to be attached to new rules?. A. Create profiles for each CDSS and name them "default.". B. Create a security profile group and name it “default.”. C. Use Policy Analyzer after creating the new rules. D. Use AlOps to automate the security profile group attachment.

Which NGFW function can be used to enhance visibility, protect, block, and log the use of Post-quantum Cryptography (PQC)?. A. Decryption profile. B. Decryption policy. C. DNS Security profile. D. Security policy.

Using Prisma Access, which solution provides the most security coverage of network protocols for the mobile workforce?. A. Clientless VPN. B. Explicit proxy. C. Enterprise browser. D. Client-based VPN.

A network security engineer wants to forward Strata Logging Service data to tools used by the Security Operations Center (SOC) for further investigation. In which best practice step of Palo Alto Networks Zero Trust does this fit?. A. Map and Verify Transactions. B. Standards and Designs. C. Implementation. D. Report & Maintenance.

Which file type does Advanced WildFire support for inline analysis to detect advanced malware?. A. APK. B. JAR. C. PE. D. PDF.

How many places will a firewall administrator need to create and configure a custom data loss prevention (DLP) profile across Prisma Access and the NGFW?. A. One. B. Two. C. Three. D. Four.

How do Cloud NGFW instances get created when using AWS centralized deployments?. A. A security VPC will be created as transit gateways to push all traffic through the area. B. They replace the internet gateway service. C. Selected VPCs will have Cloud NGFW workloads added to them. D. Cloud NGFW is placed in a vWAN with a virtual hub.

A company has an ongoing initiative to monitor and control IT-sanctioned SaaS applications. To be successful, it will require configuration of decryption policies, along with data filtering and URL Filtering Profiles used in Security policies. Based on the need to decrypt SaaS applications, which two steps are appropriate to ensure success? (Choose two.). A. Validate which certificates will be used to establish trust. B. Configure SSL Inbound Inspection. C. Create new self-signed certificates to use for decryption. D. Configure SSL Forward Proxy.

An administrator is responsible for updating which component of Prisma Access?. A. Content updates. B. VPN client. C. Data plane. D. Management plane.

Which two prerequisites must be evaluated when decrypting internet-bound traffic? (Choose two.). A. RADIUS profile. B. SAML certificate. C. Incomplete certificate chains. D. Certificate pinning.

When physical |ON devices are allocated, in which two states are they displayed on the Prisma SD-WAN web interface under "Devices"? (Choose two.). A. Offline. B. Needs attention. C. Unclaimed. D. Standby.

What is the recommended upgrade path from PAN-OS 9.1 to PAN-OS 11.2?. 9.1 - 11.2. 9.1 - 11.0 - 11.2. 9.1 - 10.0 - 11.0 - 11.2. 9.1 - 10.0 - 11.1 - 11.2.

Which Security policy on a data center NGFW will block intrazone traffic in Zone Colorado for the Dynamic User Group "Testers" and custom application "Payment System"?. a. b. c. c.

What is a necessary step for creation of a custom Prisma Access report on Strata Cloud Manager (SCM)?. A. Open a support ticket. B. Configure a dashboard. C. Generate a PDF summary report. D. Set up Cloud Identity Engine.

Which firewall attribute simplifies rule creation and automatically adapts to changes in server roles or security posture based on log events?. A. Address objects. B. Dynamic User Groups. C. Predefined |P addresses. D. Dynamic Address Groups.

A firewall administrator wants to enable host information profiles (HIPs) to collect information from corporate hosts by using GlobalProtect. Which two details will the administrator be able to collect from the host? (Choose two.). A. Host memory consumption. B. Disk encryption. C. Antivirus definitions. D. WAN statistics.

Which functionality does an NGFW use to determine whether new session setups are legitimate or illegitimate?. A. Random Early Detection (RED). B. SYN flood protection. C. SYN cookies. D. SYN bit.

How do template stacks help manage firewall configurations in Panorama?. A. By creating a diagram of the network for a view of all firewalls. B. By handling firmware updates across multiple firewalls. C. By grouping templates across multiple firewalls. D. By creating template variables for permanent configurations in firewalls.

Which two types of logs must be forwarded to Strata Logging Service for loT Security to function? (Choose two.). A. Enhanced application. B. WildFire. C. Traffic. D. Threat.

What must be configured to successfully onboard a Prisma Access remote network using Strata Cloud Manager (SCM)?. A. Autonomous Digital Experience Manager (ADEM). B. Cloud Identity Engine. C. IPSec termination node. D. GlobalProtect agent.

Which two configurations are required when creating deployment profiles to migrate a perpetual VM-Series firewall to a flexible VM? (Choose two). A. Deploy virtual Panorama for management. B. Allow only the same security services as the perpetual VM. C. Allocate the same number of vCPUs as the perpetual VM. D. Choose "Fixed vCPU Models" for configuration type.

Which profile can help prevent the transmission of sensitive information to internet applications?. A. Data Filtering. B. Anti-spyware. C. Antivirus. D. URL Filtering.

A network engineer pushes specific Panorama reports of new AI URL category types to branch NGFWS. Which two report types achieve this goal? (Choose two.). A. SNMP. Custom. AI. PDF Summary.

Which set of attributes is used by loT Security to identify and classify appliances on a network when determining Device-ID?. A. Device model, firmware version, and user credential. B. MAC address, device manufacturer, and operating system. C. IP address, network traffic patterns, and device type. D. Hostname, application usage, and encryption method.

Which feature of SaaS Security will allow a firewall administrator to identify unknown SaaS applications in an environment?. A. App-ID Cloud Engine. B. SaaS Data Security. C. App-ID. D. Cloud Identity Engine.

Which method in the WildFire analysis report detonates unknown submissions to provide visibility into real-world effects and behavior?. A. Machine learning (ML). B. Intelligent Run-time Memory Analysis. C. Dynamic analysis. D. Static analysis.

After a firewall is associated with Strata Cloud Manager (SCM), which two additional actions are required to enable management of the firewall from SCM? (Choose two.). A. Deploy a service connection for each branch site and connect with SCM. B. Configure NTP and DNS servers for the firewall. C. Install a device certificate. D. Configure a Security policy allowing "stratacloudmanager.paloaltonetworks.com" for all users.

In a service provider environment, what key advantage does implementing virtual systems provide for managing multiple customer environments?. A. Shared threat prevention policies across all tenants. B. Centralized authentication for all customer domains. C. Unified logging across all virtual systems. D. Logical separation of control and Security policy.

In which two applications can Prisma Access threat logs for mobile user traffic be reviewed? (Choose two.). A. Service connection firewall. B. Prisma Cloud dashboard. C. Strata Cloud Manager (SCM). D. Strata Logging Service.

A network security engineer needs to implement segmentation but is under strict compliance requirements to place security enforcement as close as possible the private applications hosted in Azure. Which deployment style is valid and meets the requirements in this scenario?. A. On a VM-Series NGFW, configure several Layer 2 zones with Layer 2 interfaces assigned to logically segment the network. B. On a PA-Series NGFW, configure several Layer 2 zones with Layer 2 interfaces assigned to logically segment the network. C. On a VM-Series NGFW, configure several Layer 3 zones with Layer 3 interfaces assigned to logically segment the network. D. On a PA-Series NGFW, configure several Layer 3 zones with Layer 3 interfaces assigned to logically segment the network.