What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?
A. Run a Perl script to regularly check for updates and alert when one is released
B. Monitor update announcements and manually push updates to Crewall
C. Store updates on an intermediary server and point all the firewalls to it
D. Use dynamic updates with the most aggressive schedule required by business needs
in which step of the Palo Alto Networks Five-Step Zero Trust Methodology would an organization's critical data, applications, assets, and services (DAAS) be identified?
A. Step 4. Create the Zero Trust policy.
B. Step 2: Map the transaction flows.
C. Step 3. Architect a Zero Trust network.
D. Step 1: Define the protect surface
Prisma SaaS provides which two SaaS threat prevention capabilities? (Choose two)
A. shellcode protection
B. file quarantine
C. SaaS AppID signatures
D. WildFire analysis
E. remote procedural call (RPC) interrogation
A price-sensitive customer wants to prevent attacks on a Windows Virtual Server. The server will max out at 100Mbps but needs to have 45.000 sessions to connect to multiple hosts within a data center
Which VM instance should be used to secure the network by this customer?
A. VM-200
B. VM-100
C. VM-50
D. VM-300
A company has deployed the following
1.
VM-300 firewalls in AWS
2.
endpoint protection with the Traps Management Service
3.
a Panorama M-200 for managing its VM-Series firewalls
4.
PA-5220s for its internet perimeter,
5.
Prisma SaaS for SaaS security.
Which two products can send logs to the Cortex Data Lake? (Choose two).
A. Prisma SaaS
B. Traps Management Service
C. VM-300 firewalls
D. Panorama M-200 appliance
Which Palo Alto Networks pre-sales tool involves approximately 4 hour interview to discuss a customer's current security posture?
A. BPA
B. PPA
C. Expedition
D. SLR
What are three considerations when deploying User-ID? (Choose three.)
A. Specify included and excluded networks when configuring User-ID
B. Only enable User-ID on trusted zones
C. Use a dedicated service account for User-ID services with the minimal permissions necessary
D. User-ID can support a maximum of 15 hops
E. Enable WMI probing in high security networks
An administrator wants to justify the expense of a second Panorama appliance for HA of the management layer.
The customer already has multiple M-100s set up as a log collector group. What are two valid reasons for deploying Panorama in High Availability? (Choose two.)
A. Control of post rules
B. Control local firewall rules
C. Ensure management continuity
D. Improve log collection redundancy