What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram?
Correct Answer:
B
An administrator is using Panorama to manage me and suspects an IKE Crypto mismatch between peers, from the firewalls to Panorama. However, pre-existing logs from the firewalls are not appearing in Panorama.
Which action should be taken to enable the firewalls to send their pre-existing logs to Panorama?
Correct Answer:
D
An administrator analyzes the following portion of a VPN system log and notices the following issue "Received local id 10 10 1 4/24 type IPv4 address protocol 0 port 0, received remote id 10.1.10.4/24 type IPv4 address protocol 0 port 0."
What is the cause of the issue?
Correct Answer:
C
A firewall administrator requires an A/P HA pair to fail over more quickly due to critical business application uptime requirements.
What is the correct setting?
Correct Answer:
C
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/set-up-activepassive-ha/configure In an A/P HA pair, HA (High Availability) timers are used to determine how quickly the firewall should fail over in case of a failure. Typically, the firewall administrator can choose between several predefined timer profiles such as "normal", "aggressive", and "fast".
Changing the HA timer profile to "user-defined" and manually setting the timers would allow the administrator to fine-tune the failover timing and make sure it meets the uptime requirements for the critical business applications. This approach allows the administrator to set the timers to the lowest possible value without compromising the stability and security of the firewall.
An engineer needs to see how many existing SSL decryption sessions are traversing a firewall What command should be used?
Correct Answer:
B