100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Palo Alto Exam | Questions And Answers Latest {} A+ Graded | 100% Verified $13.48   Add to cart

Exam (elaborations)

Palo Alto Exam | Questions And Answers Latest {} A+ Graded | 100% Verified

 1 view  0 purchase
  • Course
  • Top Academic Resources 2024/2025
  • Institution
  • Top Academic Resources 2024/2025

Palo Alto Exam | Questions And Answers Latest {} A+ Graded | 100% Verified

Preview 4 out of 33  pages

  • August 24, 2024
  • 33
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • Top Academic Resources 2024/2025
  • Top Academic Resources 2024/2025
avatar-seller
oneclass
Palo Alto Exam | Questions And Answers Latest {2024- 2025} A+ Graded | 100% Verified


What service is needed for updates? - DNS



What are the URL Filtering Security Profile actions? - Alert

Allow

Block

Continue

Override



How to mitigate vulnerabilities? - - Create v-object and add to security policy



Identities with access privildges associated with dynamic roles - Superuser

Superuser (RO)

Virtual admin

Virtual admin (RO)

Device admin

Device admin (RO)



Two types of clients - Integrated and Windows client



Methods for user mapping - Server monitor

Port Mapping

Syslog (login and logout events)

XFF header

Authentication Policy and Captive Portal

GlobalProtect

XML API

Client Probing

,What database is in the data-plane cache? - Recently used URLs



Seed Database - A regional subset of the URL database



How are next gen FWs different from traditional FW - - URL filtering

- Has the ability to identify malicious packets (malware) by dynamically learning (updates from internet).
If info is unknown then it will send/ask the cloud

- Deep packet inspection

- Application Awareness with certain protocols

- User IDs (keeps track of User's IPs)

- Inspects encrypted packets



Deep packet inspection - Looking beyond L3 and L4



Application Awareness - Blocks certain aspects of an application

- Ex. Users can get into facebook, but not use messenger



How to next gen firewalls cover encrypted traffic? - Two tunnels are created.

One before and one after the FW. The FW inspects the app details before it re-encrypts data



How to start the initial config? - 1. Connect to the device

2. Change the IP to the subnet of the routers interface

3. Add DNS and gateway



Are there other interfaces on the device? - Yes, a physical management interface



What command is needed for any changes in the CLI? - commit... this will add it to running config

,Where to find IP services in GUI? - Under devices



By default, which interface is used for routing traffic? - Management

You can add more or change



What to consider when update PAN-OS? - Update dynamic software first (anti-virus, threat detection,
etc)



How do updates work? - Go under device to software then hit "check now" at the bottom

You can click "download" then "install"

**Dynamic software first***



What should you do before making adjustments to the FW? - See what kind of traffic is coming in first

"Try the food before you salt it"



What is TAP mode/TAP interface? - Used for analyzing data

- Usually, the connected Cisco switch is using SPAN to replicate traffic



Can PAs distinguish between apps with the same protocol and port number? - Yes



How do virtual wire interfaces work? - For existing networks..

- You can add the FW between two routers

- There will be one virtual interface per router

- Both interfaces will be in the same subnet as the routers interface so traffic has to go through it

- Virtual interfaces will be d/d

- Does not do L2 forwarding



How to configure vInterfaces (vWire) - - Under network, then interfaces

- Add vWires to object (vWires on left)

, - commit (allow pop ups if needed) and 20 lines



Layer 2 interface - - You can deploy the FW as a L2 switch

- Same infig under "network to interfaces"



How many interfaces can vWire support? - only 2



How does L3 work on FW? - Same as L2. Needs an IP and provides routing capabilities



Cyber Attack Lifecycle - 1. Reconnaissance

2. Weaponization

3. Delivery

4. Exploitation (initial entry point)

5. Installation (priv)

6. C&C

7. Act on Objection



Components to the Security Operating Platform - Customer Apps

- Network security

- Advanced endpoint protection

- Cloud security

- Cloud-delivered security services

- Cortex and Cortex Data Lake

- Pa Network Apps, Third Part Apps, and customer apps



Three vehciles to deliver cloud security - inline seecurity (VM-series FW)

API security (Cortex XDR, Prisma SaaS)

Host Security (Traps)- zero day prevention

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller oneclass. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.48. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

72042 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.48
  • (0)
  Add to cart