A network administrator is troubleshooting an issue with Phase 2 of an IPSec VPN tunnel. The administrator determines that the lifetime needs to be changed to match the peer.
Where should this change be made?
Correct Answer:
C
A network administrator wants to use a certificate for the SSL/TLS Service Profile. Which type of certificate should the administrator use?
Correct Answer:
D
Use only signed certificates, not CA certificates, in SSL/TLS service profiles. https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/certificate-management/configure-an-ssltls-service
What can be used to create dynamic address groups?
Correct Answer:
C
An engineer is bootstrapping a VM-Series Firewall Other than the 'config folder, which three directories are mandatory as part of the bootstrap package directory structure? (Choose three.)
Correct Answer:
AD
How should an administrator enable the Advance Routing Engine on a Palo Alto Networks firewall?
Correct Answer:
C
Enable Advanced Routing in Network > Virtual Routers > Router Settings > General, then commit and reboot 1. This means that the administrator can enable advanced routing features such as RIB filtering, BFD, multicast, and redistribution profiles for each virtual router on the firewall. The firewall requires a reboot after enabling advanced routing to apply the changes.
