Which three types of authentication services can be used to authenticate user traffic flowing through the firewalls data plane? (Choose three )

Which license is required to use the Palo Alto Networks built-in IP address EDLs?

An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains.

Which type of single unified engine will get this result?

Complete the statement. A security profile can block or allow traffic____________

Which statement is true regarding a Prevention Posture Assessment?

Which type of administrative role must you assign to a firewall administrator account, if the account must include a custom set of firewall permissions?

Which option lists the attributes that are selectable when setting up an Application filters?

You need to allow users to access the office–suite application of their choice. How should you configure the firewall to allow access to any office-suite application?

During the App-ID update process, what should you click on to confirm whether an existing policy rule is affected by an App-ID update?

An administrator is troubleshooting an issue with traffic that matches the intrazone-default rule, which is set to default configuration.

What should the administrator do?

Which DNS Query action is recommended for traffic that is allowed by Security policy and matches Palo Alto Networks Content DNS Signatures?

An administrator is reviewing another administrator s Security policy log settings

Which log setting configuration is consistent with best practices tor normal traffic?

What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

Which update option is not available to administrators?

An internal host wants to connect to servers of the internet through using source NAT.

Which policy is required to enable source NAT on the firewall?

If using group mapping with Active Directory Universal Groups, what must you do when configuring the User-ID?

Which operations are allowed when working with App-ID application tags?

Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.

Complete the security policy to ensure only Telnet is allowed.

Security Policy: Source Zone: Internal to DMZ Zone __________services “Application defaults”, and action = Allow

What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?

Which Security profile can you apply to protect against malware such as worms and Trojans?

Access to which feature requires PAN-OS Filtering licens?

Starting with PAN_OS version 9.1 which new type of object is supported for use within the user field of a security policy rule?

Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

What must be configured before setting up Credential Phishing Prevention?

Identify the correct order to configure the PAN-OS integrated USER-ID agent.

3. add the service account to monitor the server(s)

2. define the address of the servers to be monitored on the firewall

4. commit the configuration, and verify agent connection status

1. create a service account on the Domain Controller with sufficient permissions to execute the User- ID agent