Which two features can be used to tag a username so that it is included in a dynamic user group? (Choose two.)
What is the function of a service route?
An administrator is considering upgrading the Palo Alto Networks NGFW and central management Panorama version.
What is considered best practice for this scenario?
VPN traffic intended for an administrators Palo Alto Networks NGFW is being maliciously intercepted and retransmitted by the interceptor. When creating a VPN tunnel, which protection profile can be enabled to prevent this malicious behavior?
A Security policy rule is configured with a Vulnerability Protection Profile and an action of Deny.
Which action will this configuration cause on the matched traffic?
Which two features require another license on the NGFW? (Choose two.)
An engineer is creating a template and wants to use variables to standardize the configuration across a large number of devices.
Which two variable types can be defined? (Choose two.)
Which Zone Pair and Rule Type will allow a successful connection for a user on the Internet zone to a web server hosted on the DMZ zone? The web server is reachable using a Destination NAT policy in the Palo Alto Networks firewall.
An administrator cannot see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall.
Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the firewall to Panorama?
An engineer is configuring Packet Buffer Protection on ingress zones to protect from single-session DoS attacks. Which sessions does Packet Buffer Protection apply to?