Which two file types can be sent to WildFire for analysis if a firewall has only a standard subscription service? (Choosetwo.)

For which firewall feature should you create forward trust and forward untrust certificates?

Which statement describes a function provided by an Interface Management Profile?

Which three interface types can control or shape network traffic? (Choose three.)

Because a firewall examines every packet in a session, a firewall can detect application ________?

What are three connection methods for the GlobalProtect agent? (Choose three.)

Application block pages can be enabled for which applications?

The firewall acts as a proxy for which two types of traffic? (Choose two.)

If a DNS sinkhole is configured, any sinkhole actions indicating a potentially infected host are recorded in which log type?

On a firewall that has 32 Ethernet ports and is configured with a dynamic IP and port (DIPP) NAT oversubscription rate of2x, what is the maximum number of concurrent sessions supportedby each available IP address?

Which interface type is NOT assigned to a security zone?

Which user mapping method is recommended for a highly mobile user base?

Which action in a File Blocking Security Profile results in theuser being prompted to verify afile transfer?

Which of the following types of protection are available in DoS policy?

Besides selecting the Heartbeat Backup option when creating an ActivePassive

HA Pair, which of the following also prevents "SplitBrain"?

In PAN-OS8.0, rule numbers were introduced. Rule Numbers are:

Wildfire may be used for identifying which of the following types of traffic?

What option should be configured when using User Identification?

InPAN-OS 8.0which of the available choices serves as an alert warning by defining patterns of suspicious traffic and network anomalies that may indicate a host has been compromised?

What built-in administrator role allows all rights except for the creation of administrative accounts and virtual systems?

Select the implicit rules that are applied to traffic that fails to match any administratordefined Security Policies. (Choose all rules that are correct.)

Subsequent to the installation of new licenses, the firewall must be rebooted

Which of the following statements is NOT True regarding a Decryption Mirror interface?

What option should be configured when using User-ID

A local/enterprise PKI system is required to deploy outbound forward proxy SSL decryption capabilities.

As the Palo Alto Networks administrator responsible for User Identification, you are looking for the simplest method of mapping network users that do not sign into LDAP. Which information source would allow reliable User ID mapping for these users, requiring the least amount of configuration?