What must be configured to apply tags automatically based on User-ID logs?

• A.Device ID
• B.Log Forwarding profile
• C.Group mapping
• D.Log settings

Comment: *

Name: *

Email: *

Verification: *

Which three multi-factor authentication methods can be used to authenticate access to the firewall? (Choose three.)

• A.Voice
• B.Fingerprint
• C.SMS
• D.User certificate
• E.One-time password

Comment: *

Name: *

Email: *

Verification: *

A firewall administrator has completed most of the steps required to provision a standalone Palo Alto Networks Next-Generation Firewall. As a final step, the administrator wants to test one of the security policies.
Which CLI command syntax will display the rule that matches the test?

• A.test security -policy- match source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number
• B.show security rule source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number>
• C.test security rule source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number>
• D.show security-policy-match source <ip_address> destination <IP_address> destination port <port number> protocol <protocol number> test security-policy-match source

Comment: *

Name: *

Email: *

Verification: *

A customer wants to enhance the protection provided by their Palo Alto Networks NGFW deployment to cover public-facing company-owned domains from misconfigurations that point records to third-party sources. Which two actions should the network administrator perform to achieve this goal? (Choose two)

• A.Verify the NGFWs have the Advanced DNS Security and Advanced Threat Prevention licenses installed and validated
• B.Create or update a Vulnerability Protection profile to the DNS Policies / DNS Zone Misconfiguration section, then add the domains to be protected
• C.Verify the NGFWs have the Advanced DNS Security and Advanced URL Filtering licenses installed and validated
• D.Create or update an Anti-Spyware profile, go to the DNS Policies / DNS Zone Misconfiguration section, then add the domains to be protected

Comment: *

Name: *

Email: *

Verification: *

Using multiple templates in a stack to manage many firewalls provides which two advantages? (Choose two.)

• A.define a common standard template configuration for firewalls
• B.standardize server profiles and authentication configuration across all stacks
• C.inherit address-objects from templates
• D.standardize log-forwarding profiles for security polices across all stacks

Comment: *

Name: *

Email: *

Verification: *