Initial Config/Deployments
App ID
Security Profiles
User ID
Random
100

How many firewall management access methods does the PANW NGFW support and what are they?

4 - Web UI, CLI, Panorma, XML API

100
What is an Application? (roughly)

An application is a specific program or feature whose communication can be labeled, monitored, and controlled.


100

In the flow-logic of the PANW NGFW the NAT policy is applied before the security check. 

What is False, the NAT policy is evaluated before security checks and applied after.
100
How do we enable User ID?
What is, on the zone. 
100

With a WildFire Subscription license, WildFire AV signatures can be polled as short as every.

What is 1 minute.
200

What services on the management-interface are enabled by default?

What is https, ssh, ping

200
True or false, App ID can use heuristics to identify unknown app data?
What is true. 
200

True or False: NAT is only supported when the PANW NGFW operates in Layer 3 mode

What is false
200
What is the default port for communication with a remote User-ID agent?
What is 5007
200
What components are required to set up Global Protect?
What is GP Portal, GP Gateway, and GP Client.
300

When editing a configuration using the GUI, a "yellow highlight" indicates what?

What is an area that needs to be configured.
300

Applications and Threats Dynamic updates are rolled out on _______ basis.

What is weekly
300

Name three valid zone-types.

What is Layer 2, Layer 3, Virtual, tap
300
When is Netbios not supported in User ID.
What is, when using a PANOS integrated agent. 
300

Global Protect: How does a client determine if they are on an internal network?

What is Reverse DNS lookup
400
What are the administrator login defaults? What is the default management IP?
What is Admin > admin and 192.168.1.1/24
400

T/F: NGFW Can Identify Application once it receives the SYN packet

What is False
400
Can sub-interfaces be applied to a different zone from the physical interface?
What is, Yes. One interface per zone, to include sub interfaces.
400

What is the command to check the current ip to user-mapping?

What is show user ip-user-mapping all



400
What Content ID profile information can be found in the "Threat Logs?" (Give me three)
What is Antivirus, Vulnerability, and Anti-spyware. 
500

In the Web UI, what must be configured to allow non-local-passwords can be authenticated through an external service. 

admin account > authentication profile > server profile


500
What is a App ID feature supports dynamic grouping of Applications?
What is Application Filters.
500

Managing the firewall using the IP address of a Layer 3 interface requires a:

Interface-Management-Profile.
500

What is the default SSL port used to communicate with LDAP servers?

What is 636
500
What information is passed in IKE Phase one of a site-to-site negotiation?
What is HAGLE - Hash, Auth, DH Group, Lifetime, and Encryption. 
M
e
n
u