What is required to integrate a Palo Alto Networks VM-Series firewall with Azure Orchestration?
To integrate a Palo Alto Networks VM-Series firewall with Azure Orchestration, you need an API Key. The API Key is used to authenticate and authorize requests from Azure Orchestration to the VM-Series firewall. The API Key is generated on the VM-Series firewall and copied to Azure Orchestration. Reference: [Azure Orchestration Integration with Palo Alto Networks VM-Series Firewalls]
Which service, when enabled, provides inbound traffic protection?
DNS Security is a service that provides inbound traffic protection by preventing DNS-based attacks. DNS Security uses machine learning and threat intelligence to identify and block malicious domains, command and control (C2) traffic, and DNS tunneling. Reference: [DNS Security]
Which two configuration options does Palo Alto Networks recommend for outbound high availability (HA) design in Amazon Web Services using a VM-Series firewall? (Choose two.)
Palo Alto Networks recommends two configuration options for outbound high availability (HA) design in Amazon Web Services using a VM-Series firewall: transit gateway and Security VPC, and traditional active-passive HA. Transit gateway and Security VPC allows you to use a single transit gateway to route traffic between multiple VPCs and the internet, while using a Security VPC to host the VM-Series firewalls. Traditional active-passive HA allows you to use two VM-Series firewalls in an HA pair, where one firewall is active and handles all traffic, while the other firewall is passive and takes over in case of a failure. Reference: [VM-Series Deployment Guide for AWS Outbound VPC]
Which two criteria are required to deploy VM-Series firewalls in high availability (HA)? (Choose two.)
To deploy VM-Series firewalls in high availability (HA), you need to assign identical licenses and subscriptions, and deploy them on a different host. Assigning identical licenses and subscriptions ensures that both firewalls have the same features and capabilities. Deploying them on a different host ensures that they are not affected by the same host failure. Reference: [VM-Series High Availability]
What is a benefit of CN-Series firewalls securing traffic between pods and other workload types?
A benefit of CN-Series firewalls securing traffic between pods and other workload types is that it allows for automatic deployment, provisioning, and immediate policy enforcement without any manual intervention. CN-Series firewalls are integrated with Kubernetes and use the Kubernetes API server to get information about pod labels, namespaces, services, and network policies. CN-Series firewalls can also use Panorama or Terraform to automate the configuration and management of security policies. Reference: [CN-Series Deployment Guide]
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 65 Questions & Answers