What helps avoid split brain in active / passive high availability (HA) pair deployment?
In which two cases should the Hardware offering of Panorama be chosen over the Virtual Offering? (Choose two.)
As you prepare to scan your Amazon S3 account, what enables Prisma service permission to access Amazon S3?
Match the WildFire Inline Machine Learning Model to the correct description for that model.
Which two components must be configured within User-ID on a new firewall that has been implemented? (Choose two.)
Prisma SaaS provides which two SaaS threat prevention capabilities? (Choose two)
A customer is starting to understand their Zero Trust protect surface using the Palo Alto Networks Zero Trust reference architecture.
What are two steps in this process? (Choose two.)
Which three actions should be taken before deploying a firewall evaluation unt in a customer environment? (Choose three.)
Which two features are found in a Palo Alto Networks NGFW but are absent in a legacy firewall product? (Choose two.)
What will a Palo Alto Networks next-generation firewall (NGFW) do when it is unable to retrieve a DNS verdict from the DNS cloud service in the configured lookup time?
What is the recommended way to ensure that firewalls have the most current set of signatures for up-to-date protection?
The ability to prevent users from resolving internet protocol (IP) addresses to malicious, grayware, or newly registered domains is provided by which Security service?
Which three methods used to map users to IP addresses are supported in Palo Alto Networks firewalls? (Choose three.)
A price-sensitive customer wants to prevent attacks on a Windows Virtual Server. The server will max out at 100Mbps but needs to have 45.000 sessions to connect to multiple hosts within a data center
Which VM instance should be used to secure the network by this customer?
A customer has business-critical applications that rely on the general web-browsing application. Which security profile can help prevent drive-by-downloads while still allowing web-browsing traffic?
Which Security profile on the Next-Generation Firewall (NGFW) includes Signatures to protect against brute force attacks?
A customer with a fully licensed Palo Alto Networks firewall is concerned about threats based on domain generation algorithms (DGAS).
Which Security profile is used to configure Domain Name Security (DNS) to Identity and block
previously unknown DGA-based threats in real time?
A service provider has acquired a pair of PA-7080s for its data center to secure its customer base's traffic. The server provider's traffic is largely generated by smart phones and averages 6.000,000 concurrent sessions.
Which Network Processing Card should be recommended in the Bill of Materials?
A customer requests that a known spyware threat signature be triggered based on a rate of occurrence, for example, 10 hits in 5 seconds.
How is this goal accomplished?
A company has deployed the following
• VM-300 firewalls in AWS
• endpoint protection with the Traps Management Service
• a Panorama M-200 for managing its VM-Series firewalls
• PA-5220s for its internet perimeter,
• Prisma SaaS for SaaS security.
Which two products can send logs to the Cortex Data Lake? (Choose two).