Professional Documents
Culture Documents
Updates to dynamic user group membership are automatic; therefore, using dynamic user groups instead of static
group objects allows you to
A respond to changes in user behavior or potential threats without manual policy changes
B respond to changes in user behavior or potential threats without automatic policy changes
C respond to changes in user behavior or confirmed threats with manual policy changes
D respond to changes in user behavior or potential threats using manual policy changes
Answer: A
Question 2
An administrator accidentally closed the commit window/screen before the commit was finished. Which two options
could the administrator use to verify the progress or success of that commit task? (Choose two.)
A System logs
B Traffic Logs
C Task Manager
D configuration logs
Answer: A, C
Question 3
To protect your firewall and network from single source denial of service attacks that can overwhelm its packet
buffer and cause legitimate traffic to drop, you can configure.
Answer: D
Question 4
An administrator is configuring authentication enforcement, and they would like to create an exemption rule to
exempt a specific group from authentication. Which authentication enforcement object should they select?
A Default-web-form
B Default-no-captive-portal
C default-authentication-bypass
D default-browser-challenge
Answer: B
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/objects/objects-authentication.html
Question 5
How can an administrator configure the NGFW to automatically quarantine a device using GlobalProtect?
C by adding the device host ID to a quarantine list and configure GlobalProtect to prevent users from connecting to
the GlobalProtect gateway from a quarantined device
D by exporting the list of quarantined devices to a PDF or CSV file by selecting PDF/CSV at the bottom of the device
quarantine page leveraging the appropriate XSOAR playbook
Answer: C
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-new-features/globalprotect-features/identification-and-
quarantine-of-compromised-devices.html
Question 6:
Answer: D
Firewall must be in factory default state or have all private data deleted for bootstrapping.
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/firewall-administration/bootstrap-the-firewall/usb-
flash-drive-support.html
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/firewall-administration/bootstrap-the-
firewall/prepare-a-usb-flash-drive-for-bootstrapping-a-firewall.html