An engines must configure the Decryption Broker feature. To which router must the engineer assign the decryption forwarding interfaces that are used m the Decryption Broker security Chain?

A. a virtual router that has no additional interfaces for passing data-plane traffic and no other configured routes than those used in for the security chain

B. the virtual router that routes the traffic that the Decryption Broker security chain inspects

C. a virtual router that is configured with at least one dynamic routing protocol and has at least one entry in the RIB

D. the default virtual router (If there is no default virtual router the engineer must create one during setup)

In a security-first network, what is the recommended threshold value for content updates to be dynamically updated?

A. 1 to 4 hours

B. 6 to 12 hours

C. 24 hours

D. 36 hours

A network administrator wants to use a certificate for the SSL/TLS Service Profile.

Which type of certificate should the administrator use?

A. certificate authority (CA) certificate

B. client certificate

C. machine certificate

D. server certificate

Information Security is enforcing group-based policies by using security-event monitoring on Windows User-ID agents for IP-to-User mapping in the network. During the rollout, Information Security identified a gap for users authenticating to their VPN and wireless networks.

Root cause analysis showed that users were authenticating via RADIUS and that authentication events were not captured on the domain controllers that were being monitored Information Security found that authentication events existed on the Identity Management solution (IDM). There did not appear to be direct integration between PAN-OS and the IDM solution

How can Information Security extract and learn iP-to-user mapping information from authentication events for VPN and wireless users?

A. Add domain controllers that might be missing to perform security-event monitoring for VPN and wireless users.

B. Configure the integrated User-ID agent on PAN-OS to accept Syslog messages over TLS.

C. Configure the User-ID XML API on PAN-OS firewalls to pull the authentication events directly from the IDM solution

D. Configure the Windows User-ID agents to monitor the VPN concentrators and wireless controllers for IP-to-User mapping.

An administrator connected a new fiber cable and transceiver to interface Ethernetl/l on a Palo Alto Networks firewall. However, the link does not seem to be coming up.

If an administrator were to troubleshoot, how would they confirm the transceiver type, tx-power, rx-power, vendor name, and part number via the CLI?

A. show system state filter sw.dev.interface.config

B. show chassis status slot s1

C. show system state filter-pretty sys.s1.*

D. show system state filter ethernet1/1

In a template, which two objects can be configured? (Choose two.)

A. SD-WAN path quality profile

B. Monitor profile

C. IPsec tunnel

D. Application group

Which component enables you to configure firewall resource protection settings?

A. DoS Protection Profile

B. QoS Profile

C. Zone Protection Profile

D. DoS Protection policy

Which source is the most reliable for collecting User-ID user mapping?

A. GlobalProtect

B. Microsoft Active Directory

C. Microsoft Exchange

D. Syslog Listener

What are two prerequisites for configuring a pair of Palo Alto Networks firewalls in an active/passive High Availability (HA) pair? (Choose two.)

A. The firewalls must have the same set of licenses.

B. The management interfaces must to be on the same network.

C. The peer HA1 IP address must be the same on both firewalls.

D. HA1 should be connected to HA1. Either directly or with an intermediate Layer 2 device.

Which event will happen if an administrator uses an Application Override Policy?

A. Threat-ID processing time is decreased.

B. The Palo Alto Networks NGFW stops App-ID processing at Layer 4.

C. The application name assigned to the traffic by the security rule is written to the Traffic log.

D. App-ID processing time is increased.