Which three steps must an administrator perform to load only address objects from a PAN-OS saved configuration file into a VM-300 firewall that is in production? (Choose three.)

import named configuration snapshot through the web interface

use load config partial command

enter the configuration mode from the CLI

use the device configuration import in Panorama

load the config in the web interface and commit

DRAG DROP - Match the task for server settings in group mapping with its order in the process

Navigate to Device > User Identification > Group Mapping

Enter a unique name to identify the group mapping configuration

DRAG DROP - Match the App-ID adoption task with its order in the process

Perform a like-for-like (layer 3/4) migration from the legacy firewall to the Palo Alto Networks NGFW

Capture, retain, and verify that all trafic has been logged for a period of time.

Clone the legacy rules and add aplication information to the intended application-based rules

Verify thet no traffic is hitting the legacy rules.

TAC has requested a PCAP on your Panorama to see why the DNS app is having intermittent issues resolving FQDN. What is the appropriate CLI command?

tcpdump snaplen 0 filter “port 53”

tcpdump snaplen 53 filter “port 53”

tcp dump snaplen 0 filter “app dns”

tcp dump snaplen 53 filter “tcp 53”

A firewall configuration is being migrated by Expedition from a third-party vendor to a Palo Alto Networks Next-Generation Firewall (NGFW.). Expedition flags one service as invalid following the import of the original configuration file. An engineer investigates and finds the invalid service to be ping which is used by the security policies. Which action should the engineer take?

Use the search & replace in Expedition to replace the ping service classification with ping application

Create an Application Override policy to override the ping service classification with ping application.

Remove ping service from all the policies which reference it.

Ignore the invalid flag in Expedition for the firewall to accept ping service.

SSL decryption has been implemented in a customer environment. The firewall protecting this environment is using PAN-OS 10.0. Users of an application are filing support cases claiming that a function of this application is no longer working. Where should the investigation for decryption issues begin?

the “session end reason” column in the Traffic log

the CLI, using the less mp-log ikemgr.log command

What information is necessary to properly plan the deployment of a Panorama hardware appliance for firewall management?

Wiring, power, Console access, and management interface connectivity

Virtual router, zones, and interface configuration of the dataplane interface

ESXi Server location and routing to the Panorama appliance

Panorama Mode, number of managed devices, CPU, and memory allocation in the hypervisor

SSL Forward Proxy decryption is enabled on the firewall. When clients use Chrome to browse to HTTPS sites, the firewall returns the Forward Trust certificate, even when accessing websites with invalid certificates. The clients need to be presented with a browser warning error with the option to proceed to websites with invalid certificates. Which two options will satisfy this requirement? (Choose two.)

Create a self-signed Forward Untrust enabled certificate.

Remove the Forward Untrust option from the Forward Trust certificate.

Create a PKI signed Forward Untrust enabled certificate.

Create a Decryption Profile with the “Block sessions with expired certificates” option enabled.

Your customer wants to implement Active/Active High Availability for their PA-5260 pair. The following conditions are true in their environment: -They are using multiple Layer 3 interfaces to process traffic. -Their routing topology requires the use of Network Address Translation policies to ensure that traffic can reach its destinations correctly. -They prefer to have the session workload distributed as evenly as possible to ensure both firewalls have lower resource utilization. -They make use of dynamic routing protocols on their virtual routers for route-based redundancy. -They chose to go with Active/Active for failover speed reasons. Which three of the following HA configurations should your customer ensure they use to meet these requirements? (Choose three.)

HA1A, HA1B, HA2, and HA3 interfaces

Active/Active HA Binding in the NAT policies

Session selection algorithm – First Packet

Session selection algorithm – Primary Device

Which CLI command should you use to verify whether all SFP, SFP+, or QSFP modules are installed in a firewall?

show system state filter sys.s*.p*.phy

show system state filter sys.p*.phy

show interface <interface name> detail

PCNSC question 21 to 40

Professional Development

•

20 Qs

Similar activities

G4 paper 1 Workplace Safety Quiz

Professional Development

•

15 Qs

Zero Trust Management

Professional Development

•

15 Qs

9. Isolator, Jumpers, AT & Neutral Section

Professional Development

•

15 Qs

FIRST GRADE QP - HIGHWAY ENGINEERING

Professional Development

•

15 Qs

Day 38-Oct 28-worksheet-Diploma-Hydraulic pumps part 1

Professional Development

•

15 Qs

Day 37-Oct 27-worksheet-Diploma-Turbines

Professional Development

•

15 Qs

Basic Occupational Health & Safety

Professional Development

•

15 Qs

Day 37-Oct 27-worksheet-PWD-Cement&Bricks

Professional Development

•

15 Qs

PCNSC question 21 to 40

Quiz

•

Engineering

•

Professional Development

•

Practice Problem

•

Hard

Juan Juan

FREE Resource

20 questions

Show all answers

CATEGORIZE QUESTION

3 mins • 1 pt

Match the command with the appropriate scenario for its use

Groups:

(a) Management plane resource

(b) Data plane resources

(d) Authentication log

show running resource-monitor

show system resources

tail follow yes dp.log authd.log

debug dataplane packet-diag

tail follow yes mp.log authd.log

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Your customer is setting up an IPsec VPN tunnel with a third party. The third-party device only supports policy-based IPsec VPN tunnels.
What must be set up on the IPsec tunnel on the Palo Alto Networks Next-Generation Firewall to support policy-based tunnels?

policy-based forwarding

static route

Proxy-ID

DNS proxy

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which category of Vulnerability Signatures is most likely to trigger false positive alerts?

info-leak

code-execution

phishing

brute-force

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What information is required in order to plan the deployment of a perimeter firewall?

the management IP of the DSL device provided by the ISP

The operating system and browser version of the management client

the link type and speed of the surrounding devices

the name of the Internet provider and the cost of the link

MULTIPLE SELECT QUESTION

45 sec • 1 pt

A customer uses an application on the network that shows unknown-tcp application in the traffic logs.
Which two actions can the administrator take to make the application display this information? (Choose two.)

Create a custom application by using fingerprinting applications

Submit a request for a new App-ID on the Application & Threat Research Center

Create a customer application by using signatures

Submit a request for new App-ID with Unit-42

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What happens when a packet from an existing session is received by a firewall that is not the owner in an HA active/active configuration?

The firewall requests the sender to resend the packet

The firewall forwards the packet to the peer firewall over the HA3 link.

The firewall takes ownership of the session from the peer firewall

The firewall drops the packet to prevent any L3 loops.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

You have just completed a firewall migration project in Expedition. Expedition is not directly connected to a firewall. You decide to export the configuration.
What two file types will be available to you in the download options? (Choose two.)

a tech support file for the target firewall

the README file describing how to use the XML file

a TXT file with SET commands

an XML file to upload to the Palo Alto Networks device

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

AE01 Identification of Components and Circuits

Quiz

•

Professional Development

15 questions

Defect Handling Quiz

Quiz

•

Professional Development

20 questions

Quiz Sistem Experion LX

Quiz

•

Professional Development

20 questions

Asset and Facility Management

Quiz

•

Professional Development

15 questions

RME Review - Forward Reverse Starters

Quiz

•

Professional Development

15 questions

BIT_QUIZ_Hadoop

Quiz

•

Professional Development

23 questions

Python Programming Quiz-03

Quiz

•

Professional Development

16 questions

Electric Vehicle Module 2

Quiz

•

Professional Development

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Engineering

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

25 questions

Christmas Movies

Quiz

•

Professional Development

20 questions

Christmas Trivia

Quiz

•

Professional Development

15 questions

Fun Holiday Trivia

Quiz

•

Professional Development

25 questions

Name That Tune - Christmas

Quiz

•

Professional Development

29 questions

Christmas Song Emoji Pictionary

Quiz

•

Professional Development

9 questions

Holiday Movie Trivia

Lesson

•

Professional Development

34 questions

Winter Trivia

Quiz

•

Professional Development

PCNSC question 21 to 40

20 questions

​ ​ ​ ​ ​ ​ Match the command with the appropriate scenario for its use

Your customer is setting up an IPsec VPN tunnel with a third party. The third-party device only supports policy-based IPsec VPN tunnels.What must be set up on the IPsec tunnel on the Palo Alto Networks Next-Generation Firewall to support policy-based tunnels?

Which category of Vulnerability Signatures is most likely to trigger false positive alerts?

What information is required in order to plan the deployment of a perimeter firewall?

A customer uses an application on the network that shows unknown-tcp application in the traffic logs.Which two actions can the administrator take to make the application display this information? (Choose two.)

What happens when a packet from an existing session is received by a firewall that is not the owner in an HA active/active configuration?

You have just completed a firewall migration project in Expedition. Expedition is not directly connected to a firewall. You decide to export the configuration.What two file types will be available to you in the download options? (Choose two.)

Which three steps must an administrator perform to load only address objects from a PAN-OS saved configuration file into a VM-300 firewall that is in production? (Choose three.)

DRAG DROP -Match the task for server settings in group mapping with its order in the process

DRAG DROP -Match the App-ID adoption task with its order in the process

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Engineering

Match the command with the appropriate scenario for its use

Your customer is setting up an IPsec VPN tunnel with a third party. The third-party device only supports policy-based IPsec VPN tunnels.
What must be set up on the IPsec tunnel on the Palo Alto Networks Next-Generation Firewall to support policy-based tunnels?

A customer uses an application on the network that shows unknown-tcp application in the traffic logs.
Which two actions can the administrator take to make the application display this information? (Choose two.)

You have just completed a firewall migration project in Expedition. Expedition is not directly connected to a firewall. You decide to export the configuration.
What two file types will be available to you in the download options? (Choose two.)

DRAG DROP -
Match the task for server settings in group mapping with its order in the process

DRAG DROP -
Match the App-ID adoption task with its order in the process