Which two virtualized environments support Active/Active High Availability (HA) in PAN-OS 8.0? (Choose two.)
Answer : A, B
Which two actions are required to make Microsoft Active Directory users appear in a firewall traffic log? (Choose two.)
Answer : A, D
A distributed log collection deployment has dedicated log Collectors. A developer needs a device to send logs to Panorama instead of sending logs to the Collector Group.
What should be done first?
Answer : C
Which Device Group option is assigned by default in Panorama whenever a new device group is created to manage a Firewall?
Answer : C
Refer to Exhibit:
A firewall has three PDF rules and a default route with a next hop of 172.29.19.1 that is configured in the default VR. A user named XX-bes a PC with a 192.168.101.10 IP address.
He makes an HTTPS connection to 172.16.10.29.
What is the next hop IP address for the HTTPS traffic from Wills PC.
Answer : B
Company.com has an in-house application that the Palo Alto Networks device doesn't identify correctly. A Threat Management Team member has mentioned that this in-house application is very sensitive and all traffic being identified needs to be inspected by the Content-ID engine.
Which method should company.com use to immediately address this traffic on a Palo Alto Networks device?
Answer : D
A company has a web server behind a Palo Alto Networks next-generation firewall that it wants to make accessible to the public at 18.104.22.168. The company has decided to configure a destination NAT Policy rule.
Given the following zone information:
* DMZ zone: DMZ-L3
* Public zone: Untrust-L3
* Guest zone: Guest-L3
* Web server zone: Trust-L3
* Public IP address (Untrust-L3): 22.214.171.124
* Private IP address (Trust-L3): 192.168.1.50
What should be configured as the destination zone on the Original Packet tab of NAT Policy rule?
Answer : A