examstrack logo
The UDP-4501 protocol-port is to between which two GlobalProtect components?
An administrator is using Panorama to manage multiple firewalls. After upgrading all devices to the latest PAN-OS software, the administrator enables log forwarding from the firewalls to Panorama.
However, pre-existing logs from the firewalls are not appearing in Panorama.
Which action should be taken to enable the firewalls to send their pre-existing logs to Panorama?
After implementing a new NGFW, a firewall engineer sees a VoIP traffic issue going through the firewall After troubleshooting the engineer finds that the firewall performs NAT on the voice packets payload and opens dynamic pinholes for media ports
What can the engineer do to solve the VoIP traffic issue?
An engineer troubleshoots a high availability (HA) link that is unreliable.
Where can the engineer view what time the interface went down?
A company CISO updates the business Security policy to identify vulnerable assets and services and deploy protection for quantum-related attacks. As a part of this update, the firewall team is reviewing the cryptography used by any devices they manage. The firewall architect is reviewing the Palo Alto Networks NGFWs for their VPN tunnel configurations. It is noted in the review that the NGFWs are running PAN-OS 11.2. Which two NGFW settings could the firewall architect recommend to deploy protections per the new policy? (Choose two)
An engineer creates a set of rules in a Device Group (Panorama) to permit traffic to various services for a specific LDAP user group.
What needs to be configured to ensure Panorama can retrieve user and group information for use in these rules?
A network security administrator wants to begin inspecting bulk user HTTPS traffic flows egressing out of the internet edge firewall. Which certificate is the best choice to configure as an SSL Forward Trust certificate?
When backing up and saving configuration files, what is achieved using only the firewall and is not available in Panorama?
Panorama is being used to upgrade the PAN-OS version on a pair of firewalls in an active/passive high availability (HA) configuration. The Palo Alto Networks best practice upgrade steps have been completed in Panorama (Panorama upgraded, backups made, content updates, and disabling "Preemptive" pushed), and the firewalls are ready for upgrade. What is the next best step to minimize downtime and ensure a smooth transition?
|
PDF + Testing Engine
|
|---|
|
$66 |
|
Testing Engine
|
|---|
|
$50 |
|
PDF (Q&A)
|
|---|
|
$42 |
Paloalto Networks Free Exams |
|---|
|
Copyright © 2025 Examstrack. All Rights Reserved
TESTED 14 Oct 2025
