Which conditions must be met when provisioning a high availability (HA) cluster? (Choose two.)
Answer : B, D
A company wants to deploy IPv6 on its network which requires that all company Palo Alto Networks firewalls process IPv6 traffic and to be configured with IPv6 addresses. Which consideration should the engineers take into account when planning to enable IPv6?
Answer : D
Refer to the exhibit.
A security engineer has configured a GlobalProtect portal agent with four gateways Which GlobalProtect Gateway will users connect to based on the chart provided?
Answer : C
Based on the provided table, the GlobalProtect portal agent configuration includes four gateways with varying priorities and response times. Users will connect to the gateway with the highest priority and, if multiple gateways share the same priority, the one with the lowest response time.
Answer Determination
Prioritize by Priority Level:
East: Highest
South: High
West: Medium
Central: Low
Evaluate Response Times Within Each Priority:
East (Highest): 35 ms
South (High): 30 ms
West (Medium): 50 ms
Central (Low): 20 ms
Given the highest priority is 'East' with a response time of 35 ms, users will connect to the East gateway based on the highest priority.
A firewall administrator manages sets of firewalls which have two unique idle timeout values. Datacenter firewalls needs to be set to 20 minutes and BranchOffice firewalls need to be set to 30 minutes. How can the administrator assign these settings through the use of template stacks?
Answer : D
A company is expanding its existing log storage and alerting solutions All company Palo Alto Networks firewalls currently forward logs to Panoram
a. Which two additional log forwarding methods will PAN-OS support? (Choose two)
Answer : C, D
A network security engineer is going to enable Zone Protection on several security zones How can the engineer ensure that Zone Protection events appear in the firewall's logs?
Answer : A
An engineer is tasked with decrypting web traffic in an environment without an established PKI When using a self-signed certificate generated on the firewall which type of certificate should be in? approved web traffic?
Answer : B