With the default TCP and UDP settings on the firewall, what will be the identified application in the following session?
Correct Answer:
B
An administrator would like to determine which action the firewall will take for a specific CVE. Given the screenshot below, where should the administrator navigate to view this information?
Correct Answer:
A
A company is looking to increase redundancy in their network. Which interface type could help accomplish this?
Correct Answer:
D
An aggregate group increases the bandwidth between peers by load balancing traffic across the combined interfaces. It also provides redundancy
https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-networking-admin/configure-interfaces/configure-an-agg
Which GlobalProtect component must be configured to enable Clientless VPN?
Correct Answer:
C
Creating the GlobalProtect portal is as simple as letting it know if you have accessed it already. A new gateway for accessing the GlobalProtect portal will appear. Client authentication can be used with an existing one.
https://www.nstec.com/how-to-configure-clientless-vpn-in-palo-alto/#5
A security engineer received multiple reports of an IPSec VPN tunnel going down the night before. The engineer couldn't find any events related to VPN under system togs.
What is the likely cause?
Correct Answer:
C
This means that the firewall does not have a mechanism to monitor the status of the IPSec VPN tunnel and generate logs when it goes down or up. The Tunnel Monitor is an optional feature that can be enabled on each IPSec tunnel interface and it uses ICMP probes to check the connectivity of the tunnel peer. If the firewall does not receive a response from the peer after a specified number of retries, it marks the tunnel as down and logs an event1.
