Chequeado H

Question 1 How many access domain supports Panorama?. 2500. 4000. 1500. 1000. 3500.

Question 2 Which three steps must the customer complete to prepare for a successful on-site engagement? (Choose three.). Define a post-implementation validation plan (a document that will show what must be tested, how, when, by whom). Open a proactive case with TAC for cutover to ensure quicker support, and include a description of the architecture, as necessary. Create a document that outlines the tasks required by all parties. Identify a target date for a maintenance window for implementation, and coordinate downtime internally per the change management procedures. Verify that the customer engineers have accounts that are associated with the customer master account.

Question 3 Which category of Vulnerability Signatures is most likely to trigger false positive alerts?. Phishing. Info-leak. brute-force. code-execution.

Question 4 A customer deploying a new firewall is having difficulties retrieving licenses from the licensing server. Which option would allow you to install licenses offline?. Retrieve the license key from the license server. load the license key from a USB drive. Activate the license using the authorization code. manually upload the license key.

Question 5 Identify the correct mode to push configurations from Expedition to PAN-OS: Mega. Clear. Atomic. Sub-Atomic.

Question 6 Select the right order for the SSL Forward Proxy Step-by-Step: 4. 2. 6. 5. 1. 7. 3.

Question 7 A customer has changed the default certificate for use in communicating to firewalls and now the firewalls appear as disconnected under managed devices in Panorama. Which two changes will establish connection between Panorama and the firewall? (Choose two.). enable secure client communication on each firewall. deploy custom certificates on each firewall. configure the HSM. push the custom certificates used on Panorama to all of the firewalls.

Question 8 What are the minimum requirements for Panorama?. 8 vcpus, 32gb ram, 81gb almacenamiento (OS) 2 tb max por disco. 16 vcpus, 32gb ram, 40 gb almacenamiento (OS) 1 tb max por disco. 16 vcpus, 32gb ram, 81gb almacenamiento (OS) 2 tb max por disco. 16 vcpus, 16gb ram, 81gb almacenamiento (OS) 2 tb max por disco.

Question 9 PC 1 needs to access a webpage hosted on Web Server 2. The content of the related SSL sessions needs to be visible exclusively to FW 1. Web Server 2 is using a certificate issued by a public CA that is trusted by all computers on the local network. No changes to the packet data are permitted. Choose the solution that satisfies the requirement. SSL Decryption Port Mirroring. SSL Decryption Broker. SSL Forward Proxy Decryption. SSL Inbound Inspection.

Question 10 Which three reasons could explain receiving a conflict in ARP on interface ethernetX/X indicating duplicate IP Y.Y.Y.Y? (Choose three.). You assigned the same IP as a SNAT (Source NAT) address facing the internet. You assigned the same IP as a DNAT (Destination NAT) address facing the internet. You assigned the same IP on both devices. You assigned a DNAT (Destination NAT) pool, where the concerned IP is part of the pool. You assigned a SNAT (Source NAT) pool, where the concerned IP is not part of the pool.

Question 11 Select the path to check the new App-IDs visualized by the NGFW. Device > Reports > New Applications. Device > Software Update > Application and Threat > New Applications. Monitor > Reports > Application Reports > New Applications. Objects > New Applications > Reports.

Question 12 Which certificate type is recommended for use when the Forward Trust Certificate is created?. SSL Exclude. SSL Inbound Inspection. Self-signed. Enterprise CA-signed.

Question 13 Which commands use to validate URL Filtering License? A. request license info B. show system setting pan-db C. show system setting url-database D. request system license url-database. request license info. show system setting pan-db. Show system setting url-database. request system license url-database.

Question 14 A customer that has a multi-tenant environment needs the administrator to be restricted to specific objects and policies in the virtual system within its tenant. How can an administrator's access be restricted?. Define an access domain that enables the device groups assigned to the admin. Define an Admin Role Profile with Panorama enabling all access. Define an Admin Role Profile with a device group and template enabling all access. Define access domains for virtual systems in the environment.

Question 15 How does PAN-OS evaluate rule the policies?. 4. 2. 3. 5. 1. 6.

Question 16 What is the supported bandwidth for a virtual wire interface type?. 100Gbps. B. 25Gbps. 10Gbps. 1Gbps.

Question 17 Which are the appropiate interfaces for SSL Forward Proxy and SSL Inbound Inspection?. Layer 2. Layer 3. Vwire. HA3. Tap.

Question 18 An administrator is tasked with setting up NAT and Security policies for a new corporate site. As per company policies, all internal users must access a billing application server hosted in the company's DMZ using its public IP address of 3.1.1.100. While testing the new configuration, the administrator has found that the billing application is not accessible from inside the corporate network (trust-13 zone). The administrator also has determined that there is an issue with the NAT configuration. Which changes must be made to the configuration to resolve the issue? (Read the answer choices in the following order Source Zone, Destination Zone, Destination Address, Destination Translation). trust-13, untrust-13, 10.1.1.100 - Private, 3.1.1.100 - Public. trust-13, dmz-13, 10.1.1.100 - Private, 3.1.1.100 - Public. trust-13, dmz-13, 3.1.1.100 - Public, 10.1.1.100 - Private. trust-13, untrust-13, 3.1.1.100 - Public, 10.1.1.100 - Private.

Question 19 Select the right command to validate the global counters in a packet capture. show counter global packet-filter filter yes delta yes. show counter filter packet-filter yes delta yes. show counter global filter packet-filter yes delta yes. show counter global filter yes delta yes.

Question 20 How validate the log rate in Panorama for all managed firewalls?. debug log-collector device-statistics. debug log-receiver device <Device Serial Number>. debug log-receiver statistics. debug log-collector statistics.

Question 21 An administrator is implementing LACP with all values by default, which is the default value of system priority?. 21780. 35420. 32700. 32768.

Question 22 Which command is the correct to make TSHOOT over PAN-DB?. show status url-cloud. show url-cloud status. show url-cloud url-database. request license info pan-db.

Question 23 A customer has a PA-7080 with slot 1, 2 and 12; each interface is a 100Gbps. Slot 1 and 2 has a charge of 200 and the DP in slot 1 is high. What is the recommendation to balancing the sessions to having an improve of DP?. ECMP. Static Routes. Session-load. Round-Robin.

Question 24 A customer has no WildFire license, Which configured option will not work?. Emails from WildFire cloud regarding verdicts on files. forwarding of links inside of emails to WildFire. WildFire actions in Antivirus Profile. forwarding of files with unknown verdicts to WildFire.

Question 25 Select the commands to install updates in Expedition?. sudo apt-get install expedition. sudo apt-get update. sudo apt-get install expedition-beta. sudo apt-get upgrade.

Question 26 SSL Forward Proxy decryption is enabled on the firewall. When clients use Chrome to browse to HTTPS sites, the firewall returns the forward Trust certificate, even when accessing websites with invalid certificates. The clients need to be presented with a browser warning error with the option to proceed to websites with invalid certificates. Which two options will satisfy this requirement? (Choose two.). create a Decryption Profile with the Block sessions with expired certificates option Enabled. create a self-signed Forward Untrust enabled certificate. remove the Forward Untrust option from the Forward Trust certificate. create a PKI signed Forward Untrust enabled certificate. create a Decryption Profile with the Block sessions with unknown certificate status option disabled.

Question 27 If the firewall has the server root CA certificate in its certificate trust list (CTL) and uses the public key contained in that root CA certificate to verify the signature, it will present which certificate to the client during SSL Forward Proxy Decryption?. SSL Exclude. Forward Untrust. Forward Trust. SSL Inbound.

Question 28 A customer is deploying Palo Alto Networks NGFW and has asked a consultant to recommend the appropriate plattorm. Requirements are: The firewall, must support five virual systems, redundant power supplies, 10/100/1000 RJ-45, and SFP. SPP+ is not required. Which NGFW is the minimun platform required for this scenario?. PA-5060. PA-3060. PA-5050. PA-5020.

Following the role, select the correct statement for it: Network Administrator. SOC Analyst. Security Administrator.

Question 30 Which PA devices support aggregate group (LACP)?. PA - 800 Series. PA - 220. PA - 5200 Series. PA-500. VM - 50. PA - 3200 Series. PA - 7000 Series.

Question 31 In a Security Policy that mostly is App-ID instead of services, which item should be included in the weekly and emergency content updates that should not be automatically installed with a 24-to-48-hour threshold?. new vulnerability signatures. new anti-spyware signatures. new applications. new antivirus signatures.

Question 32 A customer that has a pair of Panorama HA appliances running local log collectors wants to have log redundancy on logs farwarded from firewalls. Which two configurations options fulfill the customer's requirement for log redundancy? (Chose two.). Panorama operational mode needs to be Dedicated Log Collector. A Collector Group must contain at least two Log Collectors. Panorama configured in HA provides log redundancy. Log redundancy must be enabled per Collector Group.

Question 33 A customer's PAN-DB subscription has expired but the customer wants to continue to use URL Categorization in a policy. Which two methods can be used to continue to provide URL filtering? (Choose two.). create FQDN objects and add them to the policy. A PAN-DB subscription is required for any URL filtering. create a URL custom category and add a URL Filtering Profile to the policy. create a URL custom category to be used in the policy.

Question 34 How to view currently installed SFP SFP+ or QSFP Modules?. show system state filter-pretty sys.sX.pY.phy. show system state filter sys.sX.pY.phy. show state system filter sys.sX.pY.phy. show system state filter sys.sX.pY.*.

Question 35 A client wants to configure an Decryption Rule to decrypt a traffic. Which option is not supported?. Hip Profile. Source Zone. Application. URL Category.

Question 36 A firewall admin needs to ensure that traffic from PC 1 is decrypted when public websites are accessed on the internet, but not when Web Server 2 is accessed. Web Server 2 and the internet both are in Zonel on FW 1. Choose the correct order of operations that partially satisfies the requirement. 1. 3. 4. 2.

Question 37 Which is the SO that runs expedition?. Ubuntu 20.04.* LTS Server (32 bits AMD). Ubuntu 20.04.* LTS Server (64 bits AMD). Ubuntu 22.04.* LTS Server (64 bits AMD). Ubuntu 22.04.* LTS Server (32 bits AMD).

Question 38 Which is the default port for Terminal Server Agent?. 139. 3849. 5009. 5007.

Question 39 A user would like to establish Link Aggregation Control Protocol (LACP) which kind of interface can be used to setup it?. HA3. Layer 2. Loopback. Vwire. Tunnel. Layer 3. HA4.

Question 40 A customer wants to apply in his network topology an Active/Active desing for Palo Alto Networks NGFW. What are the prerequisites to make this request?. Same Set of Licenses. Same Multi Virtual System Capability. Same PAN-OS Version. Same HA4 Ports on both NGFWs. Same Hardware Model. Same Type of Interfaces. Same Device-ID Selected on both NGFWs.

Question 41 Customer recently purchased a license for URL filtering and is having trouble activating PAN-DB. Which two commands can be used to troubleshoot this issue? (Choose two.). show system setting url-database. request url-database license info. show device setting pan-db. request license info.

Question 42 Which value in the Application column indicates UDP traffic that did not match an App-ID signature?. not-applicable. unknown-ip. incomplete. unknown-udp.

Question 43 Why is used the Machine Learning (ML) feature in Expedition?. Suggest new set of security policies. It is often used in Greenfield deployment. Migrate Service-port based security policies to APP-ID based security policies. Tighten existing security policies to remove "any" in the application of service field. Evaluate and remove the wrong service-port based security policies.

Question 44 What is the default value of ICMP ping interval while configuring the monitored destination for the static route?. 3. 10. 8. 5.

Question 45 Which three statements are correct when using FQDN resolves more than one IP address while establishing the peer at the far end of the tunnel? (Choose three.) A. If the IKE gateway uses an address that is in the set of returned addresses, the firewall selects that address irrespective of the address being the smallest or not in the set. B. If the IKE gateway uses an address that isn't in the set of returned addresses, the firewall selects the highest address. C. If no IKE security association is negotiated, the preferred IP address is the smallest value. D. If the IKE gateway uses an address that is in the set of returned addresses, the firewall selects any address from the set. E. If the IKE gateway uses an address that isn't in the set of returned addresses, the firewall selects a new address, which is the smallest in the set. F. If no IKE security association is negotiated, the preferred IP address is the one with the highest value. If the IKE gateway uses an address that is in the set of returned addresses, the firewall selects that address irrespective of the address being the smallest or not in the set. If the IKE gateway uses an address that isn't in the set of returned addresses, the firewall selects the highest address. If no IKE security association is negotiated, the preferred IP address is the smallest value. If the IKE gateway uses an address that is in the set of returned addresses, the firewall selects any address from the set. If the IKE gateway uses an address that isn't in the set of returned addresses, the firewall selects a new address, which is the smallest in the set. If no IKE security association is negotiated, the preferred IP address is the one with the highest value.

Question 46 Examine the configured Security policy rule. What option below would reduce the exposed attack surface of the web server?. WildFire Forwarding. Log Forwarding. Alert Only Security Profiles. Specific App-IDs.

Question 47 When is required use HA4?. HA4 and HA4 backup connections are the dedicated cluster links that synchronize session state among all cluster members having different cluster ID. The HA4 link between cluster members detects connectivity failures between cluster members. HA4 and HA4 backup connections are the dedicated cluster links that synchronize session state among all cluster members having the same cluster ID. The HA4 link between cluster members detects heartbeat, time interval and timeout. HA4 and HA4 backup connections are a floating connection to cluster links that synchronize session state among all cluster members having the same cluster ID. The HA4 link between cluster members detects connectivity failures between cluster members. HA4 and HA4 backup connections are the dedicated cluster links that synchronize session state among all cluster members having the same cluster ID. The HA4 link between cluster members detects connectivity failures between cluster members.

Question 48 Which algorithms are supported by TLSv1.3?. TLS13-AES-128-GCM-SHA128. TLS13-AES-256-GCM-SHA384. TLS13-CHACHA20-POLY1305-SHA256. TLS13-AES-128-GCM-SHA256.

Question 49 Which two options are required to make the firewall send files to WildFire? (Choose two.). a WildFire Profile applied to appropriate rules that pass files. configuration of the Wild Fire Actions in the Antivirus Security Profile. a properly configured WildFire Profile. a WildFire license.

Question 50 Which command put the NGFW into maintainence-mode?. debug system maintenance-mode. debug system maintenance-mode yes. debug system software maintenance-mode. debug maintenance-mode.

Question 50 A firewall admin needs to ensure that traffic from PC 1 is decrypted when public websites are accessed on the internet, but not when Web Server 2 is accessed. Web Server 2 and the internet both are in Zonel on FW 1. Choose the correct order of operations that partially satisfies the requirement. 2. 1. 3. 4.

Question 51 How create a packet capture in the MGMT Interface through CLI?. tcpdump filter "<filter-option> <IP-address>" snaplen <length>. debug dataplane filter interface management-interface. debug dataplane tcpdump filter "<filter-option> <IP-address>" snaplen <length>. view-pcap mgmt-pcap mgmt.pcap. scp export mgmt-pcap from mgmt.pcap to <username@host:path>.

Question 52 Which commands are used to validate log rate through CLI in Panorama?. grep pattern "Incoming log rate" mp-log mp-monitor.log. debug log-collector log-collection-stats show incoming-logs. tail follow yes "Incoming log rate" mp-log mp-monitor.log. less mp-log authd.log.

Question 53 A user would like to establish Link Aggregation Control Protocol (LACP) which bandwidth allows it?. 1Gbps. 20Gbps. 25Gbps. 100Gbps. 10Gbps. 250Gbps. 4Gbps. 40Gbps.

Question 54 Select the right order for the SSL Inbound Inspection Step-by-Step: 4. 3. 2. 1.

Question 55 What model does not support Policy Optimizer?. PA-220. PA-220R. PA-440. VM-50 Lite.

Question 56 How does PAN-OS evaluate rule the policies?. 3. 4. 1. 5. 2. 6.

Question 57 Which is the right capacity per Panorama Model?. M-200 and M-300: Up to 5,000 -600 and M-700: Up to 4,000. M-200 and M-300: Up to 4,500 -600 and M-700: Up to 5,000. M-200 and M-300: Up to 1,000 -600 and M-700: Up to 2,500. M-200 and M-300: Up to 1,000 -600 and M-700: Up to 5,000.

Question 58 Which action allows a customer to identify internally developed applications not kno by Palo Alto Networks?. create a new application override rule. create a new App-ID. create a custom URL filter. create a custom App-ID.

Question 59 A firewall admin has created two custom URL categories called URLI and URL2, and puts duckduckgo.com into both categories. The duckduckgo.com URL already belongs to the search-engines category that is defined by Palo Alto Networks. SSL Forward proxy decryption is already configured on the firewall, and all clients trust the Forward-Trust certificate. When an internal client accesses https://duckduckgo.com, which policy rule will enable the Traffic to be decrypted?. Rule 1. Rule 2. Rule 3. Rule 4.

Question 60 Which is the correct Step-By-Step to migrate through Expedition?. Import a configuration (from supported vendor)>Rename, remap>lmport a base configuration>merge>Generate the output>Export, remove and clean unused/invalid objects. Import a configuration (from supported vendor)>Export, remove and clean unused/invalid objects>Rename, remap>lmport a base configuration>merge>Generate the output. Import a configuration (from supported vendor)>Rename, remap>Export, remove and clean unused/invalid objects>lmport a base configuration>merge>Generate the output. Import a configuration (from supported vendor)>Export, remove and clean unused/invalid objects>lmport a base configuration>Rename, remap>merge>Generate the output.

Question 61 The firewall is configured to use the Windows User-ID agent for user-to-ip mappings, but the connection is failing. What action will solve the issue?. Add a second User-ID agent host IP address of 172.31.252.150 to the firewall config. Change the User-ID agent server name to adsvr.lab.psbootcamp.us. Change the User-ID agent port on the firewall config to 5007. Add a certificate to the Windows User-ID agent.

Question 62 How validate the log rate in Panorama for all managed firewalls?. debug log-receiver statistics. debug log-receiver device <Device Serial Number>. debug log-collector device-statistics debug. debug log-collector statistics.

Question 63 What are 'Ghost' Objects?. These are objects that doesn't existe in the NGFW. These are objects created in the migration process from a allowed vendor to Palo Alto. These are objects that are being used in policies but doesn't exist on the objects tab. These are objects with a wrong configuration.

Question 64 What is an invalid objects in expedition?. Invalid objects are those that has some no valid value established such as mask, IPs, etc. Objects that are not being used in the NGFW. Invalid objects are those that were created locally on the NGFW. Objects created on Panorama and pushed to the devices managed.

Question 65 What are two reasons you would want to disable all App-IDs introduced in a content release? (Choose two.). when you need to immediately benefit from the latest threat prevention. when you are planning to enable the App-IDs now. when you want to disable facebook-base to disable all other Facebook App-IDs. when you are planning to introduce App-IDs for new Applications.

Question 66 Which two settings are required for the installation of the TS agent? (Choose two.). Source Port Allocation Range. Port Allocation Reservation Per User. Destination Port Allocation Range. Port Allocation Start Size Per User.

Question 67 SSL forward proxy decryption is failing for traffic destined to an external web server that uses the ECDHE cipher. Which solution will allow internal hosts to access the external website through the firewall?. Run the set shared ssl-decrypt forward-trust elliptic-curve-enable command to enable ECDHE decryption. Run the set shared ss-tls-service-profile enable-ssl-exclude-cert-from-predefined command to disable ECDHE decryption. Run the set shared ssl-decrypt disabled-ssl-exclude-cert-from-predefined command to disable ECDHE decryption. Run the set shared ssl-decrypt ssl-exclude-cert command to bypass decryption for the site.

Question 68 Match the command with the appropriate scenario for its use. State of various processes. Authentication log. Data plane resources. Management plane resources.

Question 69 Which commands are used to troubleshoot a VPN?. debug ike global on debug. less mp-log ipsecmgr.log. debug global filter on debug. less mp-log ikemgr.log.

Question 70 21. FW 1 is configured for SSL forward proxy decryption from El/2 to El/l. FW 2 is configured for SSL Inbound Inspection from El/l to El/2 Web Server 2 is responsive on both TCP ports 80 and 443. When PC 1 accesses the website hosted on Web Server 1 using HTTP on TCP port 80, the logs on FWI show the web-browsing application using TCP port 80. Which application and port do the logs on FWI show when PC 2 accesses the website on Web Server 2 using SSL?. web-browsing and tcp/443. web-browsing and tcp/80. ssl and tcp/443. ssl and tcp/80.

Question 71 While troubleshooting a spoofed IP in the Threat log, which command should you enter from the command line interface prompt after issuing show counter global filter packetfilter yes delta yes?. discard-ip-spoof. flow pf_dos_ipspoof. flow dos_pf_ipspoof. flow_ipspoof_pf_dos.

Question 72 What is the preferred method for gathering User-ID mappings from Citrix VDI servers?. Agentless Server Monitoring. GlobalProtect with an internal gateway. The Windows User-ID agent. The Terminal Services agent.

Question 73 A customer has a pair of Panorama HA appliances running local log collectors and wants to have log redundancy on logs forwarded from firewalls. Which two configuration options fulfill the customer’s requirement for log redundancy? (Choose two.). Panorama configured in HA provides log redundancy. A Collector Group must contain at least two Log Collectors. Log redundancy must be enabled per Collector Group. Panorama operational mode needs to be Dedicated Log Collector.

Question 74 A customer has firewalls deployed at multiple data centers globally, and which are managed by a single Panorama pair. Each data center has multiple PA-7080 firewalls running PAN-OS 9.0. What are two recommended logging infrastructures across the data centers if the customer needs to log? (Choose two.). Distributed log collector. Single log collector in the main data center. Cortex Data Lake. Mixed mode Panorama.

Question 75 In an HA active/active configuration, what is the purpose of APR load sharing?. share all IP addresses and provide Layer 4 through Layer 7 services when failure is detected. protect internal networks from an ARP flooding attack. sync the ARP table between the two firewalls. share an IP address and provide gateway services.

Question 76 In a HA active/active configuration, which task does the session setup firewall perform?. threat scanning. NAT. Traffic log generation. decryption.

Question 76 Which are two commands required to upgrade Expedition? (Choose two.). sudo apt-get update. sudo apt-get update expedition. sudo apt-get upgrade all. sudo apt-get install expedition-beta.

Question 77 An existing customer who has deployed several Palo Alto Networks Next-Generation Firewalls would like to start using Device-ID to obtain policy rule recommendations. They have also purchased a Support license, a Threat license, a URL Filtering license, and a WildFire license for each firewall. What additional license do they need to purchase?. an IoT Security license for each deployed firewall. a Cortex Data Lake license. an IoT Security license for the perimeter firewall. an Enterprise Data Loss Prevention (DLP) license.

Question 78 Instead of disabling App-IDs regularly, a security policy rule is going to be configured to temporarily allow new App-IDs. In which two circumstances is it valid to disable App-IDs as part of content update? (Choose two.). when planning to enable the App-IDs immediately. when you want to immediately benefit from the latest threat prevention. when an organization operates a mission-critical network and has zero tolerance for downtime. when disabling facebook-base to disable all other Facebook App-IDs.

Question 79 In Panorama, the web interface displays the security rules in evaluation order. Organize the security rules in the order in which they will be evaluated?. Shared post-rules. Local firewall rules. Device group post-rules. Shared pre-rules. Device group pre-rules.

Question 80 A customer’s Palo Alto Networks NGFW currently has only one security policy allowing all traffic. They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an “allow any” rule. What should the consultant say about Expedition?. Live firewall traffic can be viewed on Expedition when connected to a firewall, and Expedition can automatically create and push policies to the firewall. purpose. The log flies can be viewed on Expedition, and right-clicking a log entry gives the option to create security policy from the log entry. By using the Machine Learning feature, Expedition can parse the traffic log files related to the policy and extract security rules for matching traffic. Expedition cannot parse log files and therefore cannot be used for this purpose.

Quiestion 81 In Expedition, which objects are classified as “Ghost objects”?. Address objects that are not part of an Address Group. Address objects that are not applied in Security or NAT policies. Unused address objects. Addresses imported from Security and NAT policies without corresponding address objects.

Question 82 Which Palo Alto Networks feature allows you to create dynamic security policies based on the behavior of the devices in your network?. Behavioral Threat Detection. Cortex XDR. App-ID. Dynamic Address Groups.

Question 83 How does Panorama prompt VMware NSX to quarantine an interface VM??. Syslog Server Profile. Email Server Profile. SNMP Server Profile. HTTP Server Profile.

Question 84 Which three user authentication services can be modified in to provide the Palo Alto Networks NGFW with both username and role names? (Choose three.). PAP. B SAML. C LDAP. TACACS+. E RADIUS. Kerberos.

Question 85 An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall. Which priority is collect tot the passive firewall?. 0. 1. 90. 255.

Question 86 When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security policy with DNS sinhole enabled, generating a traffic log. What will be the destination IP Address in that log entry?. The IP Address of sinkhole.paloaltonetworks.com. The IP Address of the command-and-control server. The IP Address specified in the sinkhole configuration. The IP Address of one of the external DNS servers identified in the anti-spyware database.

Question 87 ¿Cuáles son los dos comandos para instalar actualizaciones en expedition?. sudo apt-get update. sudo apt-get install expedition-beta.

Question 88 Cómo verificar que la licencia de URL filtering esté bien instalada mediante CLI?. show system setting url-database. request license info.

Question 89 ¿Cómo hacer troubleshooting de PAN DB desde CLI?. show url-cloud status. show url-cloud status all.

Question 90 The device server to verify cloud lookups for URL filtering: debug device-server pcap on. debug device-server pcap off.

Question 91 como crear un pcap desde CLI?. debug dataplane packet-diag set filter match source 192.168.180.210 source-netmask 32 ingress-interface ethernet1/3. debug dataplane packet-diag show setting.

Question 92 ¿Cómo leer los logs de autenticación por CLI?. less mp-log authd.log. less mp-log authd.log all.

Quiestion 93 ¿Cómo hacer una captura de paquetes en la interfaz MGMT desde CLI?. tcpdump filter “<filter-option> <IP-address>” snaplen length. view-pcap mgmt-pcap mgmt.pcap. scp export mgmt-pcap from mgmt.pcap to <username@host:path>. scp export mgmt-pcap to mgmt.pcap to <username@host:path>. view-pcap mgmt-pcap mgmt.pcap filter.