Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 25

Which source is the most reliable for collecting User-ID user mapping?

Where is Palo Alto Networks Device Telemetry data stored on a firewall with a device certificate installed?

An engineer decides to use Panorama to upgrade devices to PAN-OS 10.2.

Which three platforms support PAN-OS 10 2? (Choose three.)

An engineer configures SSL decryption in order to have more visibility to the internal users' traffic when it is regressing the firewall.

Which three types of interfaces support SSL Forward Proxy? (Choose three.)

An organization is interested in migrating from their existing web proxy architecture to the Web Proxy feature of their PAN-OS 11.0 firewalls. Currently. HTTP and SSL requests contain the c IP address of the web server and the client browser is redirected to the proxy Which PAN-OS proxy method should be configured to maintain this type of traffic flow?

A company is deploying User-ID in their network. The firewall learn needs to have the ability to see and choose from a list of usernames and user groups directly inside the Panorama policies when creating new security rules How can this be achieved?

After importing a pre-configured firewall configuration to Panorama, what step is required to ensure a commit/push is successful without duplicating local configurations?

An engineer creates a set of rules in a Device Group (Panorama) to permit traffic to various services for a specific LDAP user group.

What needs to be configured to ensure Panorama can retrieve user and group information for use in these rules?

An engineer is tasked with configuring SSL forward proxy for traffic going to external sites.

Which of the following statements is consistent with SSL decryption best practices?