Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

For the firewall to use Active Directory to authenticate users, which Server Profile is required in the Authentication Profile?

A.

TACACS+

B.

RADIUS

C.

LDAP

D.

SAML

Which feature must be configured to enable a data plane interface to submit DNS queries originated from the firewall on behalf of the control plane?

A.

Service route

B.

Admin role profile

C.

DNS proxy

D.

Virtual router

What must be configured before setting up Credential Phishing Prevention?

A.

Anti Phishing Block Page

B.

Threat Prevention

C.

Anti Phishing profiles

D.

User-ID

An administrator would like to determine the default deny action for the application dns-over-https

Which action would yield the information?

A.

View the application details in beacon paloaltonetworks.com

B.

Check the action for the Security policy matching that traffic

C.

Check the action for the decoder in the antivirus profile

D.

View the application details in Objects > Applications

When is an event displayed under threat logs?

A.

When traffic matches a corresponding Security Profile

B.

When traffic matches any Security policy

C.

Every time a session is blocked

D.

Every time the firewall drops a connection

URL categories can be used as match criteria on which two policy types? (Choose two.)

A.

authentication

B.

decryption

C application override

C.

NAT

What are three valid information sources that can be used when tagging users to dynamic user groups? (Choose three.)

A.

Blometric scanning results from iOS devices

B.

Firewall logs

C.

Custom API scripts

D.

Security Information and Event Management Systems (SIEMS), such as Splun

E.

DNS Security service

Selecting the option to revert firewall changes will replace what settings?

A.

the running configuration with settings from the candidate configuration

B.

the device state with settings from another configuration

C.

the candidate configuration with settings from the running configuration

D.

dynamic update scheduler settings

Given the topology, which zone type should you configure for firewall interface E1/1?

A.

Tap

B.

Tunnel

C.

Virtual Wire

D.

Layer3

Which update option is not available to administrators?

A.

New Spyware Notifications

B.

New URLs

C.

New Application Signatures

D.

New Malicious Domains

E.

New Antivirus Signatures