Where in the PAN-OS GUI can an administrator monitor the rule usage for a specified period of time?
The Policy Optimizer is a feature in the PAN-OS GUI that allows an administrator to monitor the rule usage for a specified period of time, as well as optimize the security policies based on the traffic logs and recommendations. The Policy Optimizer can help the administrator to improve the security posture, reduce the attack surface, and simplify the policy management. The Policy Optimizer can be accessed from Policies > Policy Optimizer in the PAN-OS GUI. Reference: Policy Optimizer, View Policy Rule Usage, Updated Certifications for PAN-OS 10.1
Which table for NAT and NPTv6 (IPv6-to-IPv6 Network Prefix Translation) settings is available only on Panorama?
The NAT Target tab is a table that allows you to specify the target firewalls or device groups for each NAT policy rule on Panorama. This tab is available only on Panorama and not on individual firewalls. The NAT Target tab enables you to create a single NAT policy rulebase on Panorama and then selectively push the rules to the firewalls or device groups that require them. This reduces the complexity and duplication of managing NAT policies across multiple firewalls. Reference: NAT Target Tab, NAT Policy Overview, NPTv6 Overview, Updated Certifications for PAN-OS 10.1.
What two actions can be taken when implementing an exception to an External Dynamic List? (Choose two.)
Which feature enables an administrator to review the Security policy rule base for unused rules?
The Policy Optimizer feature enables an administrator to review the Security policy rule base for unused rules, unused applications, and shadowed rules. The Policy Optimizer provides information and recommendations to help optimize the Security policy rules and reduce the attack surface. The Policy Optimizer can also identify rules that can be converted to use App-ID instead of port-based criteria. Reference: Policy Optimizer, Tips & Tricks: How to Identify Unused Policies on a Palo Alto Networks Device
An administrator should filter NGFW traffic logs by which attribute column to determine if the entry is for the start or end of the session?
The Type attribute column in the NGFW traffic logs indicates whether the log entry is for the start or end of the session. The possible values are START, END, DROP, DENY, and INVALID. The START value means that the log entry is for the start of the session, and the END value means that the log entry is for the end of the session. The other values indicate that the session was terminated by the firewall for various reasons. Reference: Traffic Log Fields, Session Log Best Practices