NEW QUESTION 1
Which command can be used to validate a Captive Portal policy?

• A. eval captive-portal policy <criteria>
• B. request cp-policy-eval <criteria>
• C. test cp-policy-match <criteria>
• D. debug cp-policy <criteria>

Answer: C

NEW QUESTION 2
Which method does an administrator use to integrate all non-native MFA platforms in PAN- OS® software?

• A. Okta
• B. DUO
• C. RADIUS
• D. PingID

Answer: C

NEW QUESTION 3
Support for which authentication method was added in PAN-OS 7.0?

• A. RADIUS
• B. LDAP
• C. Diameter
• D. TACACS+

Answer: D

NEW QUESTION 4
How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

• A. Configure the option for “Threshold”.
• B. Disable automatic updates during weekdays.
• C. Automatically “download only” and then install Applications and Threats later, after the administrator approves the update.
• D. Automatically “download and install” but with the “disable new applications” option used.

Answer: C

NEW QUESTION 5
Which three authentication services can administrator use to authenticate admins into the Palo Alto Networks NGFW without defining a corresponding admin account on the local firewall? (Choose three.)

• A. Kerberos
• B. PAP
• C. SAML
• D. TACACS+
• E. RADIUS
• F. LDAP

Answer: ACF

NEW QUESTION 6
Which feature prevents the submission of corporate login information into website forms?

• A. Data filtering
• B. User-ID
• C. File blocking
• D. Credential phishing prevention

Answer: D

NEW QUESTION 7
An administrator sees several inbound sessions identified as unknown-tcp in the Traffic logs. The administrator determines that these sessions are form external users accessing the company’s proprietary accounting application. The administrator wants to reliably identify this traffic as their accounting application and to scan this traffic for threats.
Which option would achieve this result?

• A. Create a custom App-ID and enable scanning on the advanced tab.
• B. Create an Application Override policy.
• C. Create a custom App-ID and use the “ordered conditions” check box.
• D. Create an Application Override policy and custom threat signature for the application.

Answer: A

NEW QUESTION 8
A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been
configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com.
How can the firewall be configured automatically disable the PBF rule if the next hop goes down?

• A. Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
• B. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
• C. Enable and configure a Link Monitoring Profile for the external interface of the firewall.
• D. Configure path monitoring for the next hop gateway on the default route in the virtual router.

Answer: D

NEW QUESTION 9
A network security engineer is asked to provide a report on bandwidth usage. Which tab in the ACC provides the information needed to create the report?

• A. Blocked Activity
• B. Bandwidth Activity
• C. Threat Activity
• D. Network Activity

Answer: D

NEW QUESTION 10
A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens thousands of bogus UDP connections per second to a single destination IP address and post.
Which option when enabled with the correction threshold would mitigate this attack without dropping legitirnate traffic to other hosts insides the network?

• A. Zone Protection Policy with UDP Flood Protection
• B. QoS Policy to throttle traffic below maximum limit
• C. Security Policy rule to deny trafic to the IP address and port that is under attack
• D. Classified DoS Protection Policy using destination IP only with a Protect action

Answer: D

NEW QUESTION 11
An administrator has enabled OSPF on a virtual router on the NGFW. OSPF is not adding new routes to the virtual router.
Which two options enable the administrator to troubleshoot this issue? (Choose two.)

• A. View Runtime Stats in the virtual router.
• B. View System logs.
• C. Add a redistribution profile to forward as BGP updates.
• D. Perform a traffic pcap at the routing stage.

Answer: AC

NEW QUESTION 12
Which Public Key infrastructure component is used to authenticate users for GlobalProtect when the Connect Method is set to pre-logon?

• A. Certificate revocation list
• B. Trusted root certificate
• C. Machine certificate
• D. Online Certificate Status Protocol

Answer: C

NEW QUESTION 13
Which two options are required on an M-100 appliance to configure it as a Log Collector? (Choose two)

• A. From the Panorama tab of the Panorama GUI select Log Collector mode and then commit changes
• B. Enter the command request system system-mode logger then enter Y to confirm the change to Log Collector mode.
• C. From the Device tab of the Panorama GUI select Log Collector mode and then commit changes.
• D. Enter the command logger-mode enable the enter Y to confirm the change to Log Collector mode.
• E. Log in the Panorama CLI of the dedicated Log Collector

Answer: BE

Explanation: (https://www.paloaltonetworks.com/documentation/60/panorama/panorama_adminguide/set-up-panorama/set-up-the-m-100-appliance)

NEW QUESTION 14
Company.com has an in-house application that the Palo Alto Networks device doesn't identify correctly. A Threat Management Team member has mentioned that this in-house application is very sensitive and all traffic being identified needs to be inspected by the Content-ID engine.
Which method should company.com use to immediately address this traffic on a Palo Alto Networks device?

• A. Create a custom Application without signatures, then create an Application Override policy that includes the source, Destination, Destination Port/Protocol and Custom Application of the traffic.
• B. Wait until an official Application signature is provided from Palo Alto Networks.
• C. Modify the session timer settings on the closest referanced application to meet the needs of the in-house application
• D. Create a Custom Application with signatures matching unique identifiers of the in-house application traffic

Answer: D

NEW QUESTION 15
Which CLI command displays the current management plan memory utilization?

• A. > show system info
• B. > show system resources
• C. > debug management-server show
• D. > show running resource-monitor

Answer: B

Explanation: https://live.paloaltonetworks.com/t5/Management-Articles/Show-System-Resource-Command-Displays-CPU-Utilization-of-9999/ta-p/58149

NEW QUESTION 16
Which three function are found on the dataplane of a PA-5050? (Choose three)

• A. Protocol Decoder
• B. Dynamic routing
• C. Management
• D. Network Processing
• E. Signature Match

Answer: BDE