What are two ways to manually add and remove members of dynamic user groups (DUGs)? (Choose two)

A. Add the user to an external dynamic list (EDL).

B. Tag the user using Panorama or the Web Ul of the firewall.

C. Tag the user through the firewalls XML API.

D. Tag the user through Active Directory

When having a customer pre-sales call, which aspects of the NGFW should be covered?

A. The NGFW simplifies your operations through analytics and automation while giving you consistent protection through exceptional visibility and control across the data center, perimeter, branch, mobile and cloud networks

B. The Palo Alto Networks-developed URL filtering database, PAN-DB provides highperformance local caching for maximum inline performance on URL lookups, and offers coverage against malicious URLs and IP addresses. As WildFire identifies unknown malware, zero-day exploits, and advanced persistent threats (APTs), the PAN-DB database is updated with information on malicious URLs so that you can block malware downloads and disable Command and Control (C2) communications to protect your network from cyberthreats. URL categories that identify confirmed malicious content — malware, phishing, and C2 are updated every five minutes — to ensure that you can manage access to these sites within minutes of categorization

C. The NGFW creates tunnels that allow users/systems to connect securely over a public network, as if they were connecting over a local area network (LAN). To set up a VPN tunnel you need a pair of devices that can authenticate each other and encrypt the flow of information between them The devices can be a pair of Palo Alto Networks firewalls, or a Palo Alto Networks firewall along with a VPN-capable device from another vendor

D. Palo Alto Networks URL Filtering allows you to monitor and control the sites users can access, to prevent phishing attacks by controlling the sites to which users can submit valid corporate credentials, and to enforce safe search for search engines like Google and Bing

In an HA pair running Active/Passive mode, over which interface do the dataplanes communicate?

A. HA3

B. HA1

C. HA2

D. HA4

Which three signature-based Threat Prevention features of the firewall are informed by intelligence from the Threat Intelligence Cloud? (Choose three.)

A. Vulnerability protection

B. Anti-Spyware

C. Anti-Virus

D. Botnet detection

E. App-ID protection

Which statement is true about Deviating Devices and metrics?

A. A metric health baseline is determined by averaging the health performance for a given metric over seven days plus the standard deviation

B. Deviating Device Tab is only available with a SD-WAN Subscription

C. An Administrator can set the metric health baseline along with a valid standard deviation

D. Deviating Device Tab is only available for hardware-based firewalls

What is the key benefit of Palo Alto Networks Single Pass Parallel Processing design?

A. There are no benefits other than slight performance upgrades

B. It allows Palo Alto Networks to add new functions to existing hardware

C. Only one processor is needed to complete all the functions within the box

D. It allows Palo Alto Networks to add new devices to existing hardware

Which three mechanisms are valid for enabling user mapping? (Choose three.)

A. Captive Portal

B. Domain server monitoring

C. Reverse DNS lookup

D. User behaviour recognition

E. Client probing

Which two features are key in preventing unknown targeted attacks? (Choose two)

A. nighty botnet report

B. App-ID with the Zero Trust model

C. WildFire Cloud threat analysis

D. Single Pass Parallel Processing (SP3)

Which solution informs a customer concerned about zero-day targeted attacks whether an attack is specifically targeted at its property?

A. AutoFocus

B. Panorama Correlation Report

C. Cortex XSOAR Community edition

D. Cortex XDR Prevent

What are two advantages of the DNS Sinkholing feature? (Choose two.)

A. It forges DNS replies to known malicious domains.

B. It monitors DNS requests passively for malware domains.

C. It can be deployed independently of an Anti-Spyware Profile.

D. It can work upstream from the internal DNS server.

A customer is designing a private data center to host their new web application along with a separate headquarters for users. Which cloud-delivered security service (CDSS) would be recommended for the headquarters only?

A. Threat Prevention

B. DNS Security

C. WildFire

D. Advanced URL Filtering (AURLF)

The firewall includes predefined reports, custom reports can be built for specific data and actionable tasks, or predefined and custom reports can be combined to compile information needed to monitor network security. The firewall provides which three types of reports? (Choose three.)

A. SNMP Reports

B. PDF Summary Reports

C. Netflow Reports

D. Botnet Reports

E. User or Group Activity Reports