How many firewalls warrant the use of Panorama - 6
A PA's default MGT IP is - 192.168.1.1
Disable ________ and _________ on the MGT interface - Telnet and HTTP
Palo Alto recommends not giving the ____ port _______ access, instead: give ______ access to a
_______ port - MGT, external, external, ...
How many firewalls warrant the use of Panorama - ✔✔6
A PA's default MGT IP is - ✔✔192.168.1.1
Disable ________ and _________ on the MGT interface - ✔✔Telnet and HTTP
Palo Alto recommends not giving the ____ port _______ access, instead: give ______ access to a
_______ port - ✔✔MGT, external, external, data
___________ ________________ are how a PA accesses updates, etc., they can be customized per vsys
- ✔✔Service routes
How do you configure service routes - ✔✔Device > setup > services > global > service route
configuration
What is the security policy best practice regarding IDing applications? - ✔✔Use the application ID, NOT
the application's usual port.
How should you leave the service tab configured in a security policy rule for the most effective filtering?
- ✔✔Application default, not 'any'
The threat prevention license includes.... - ✔✔A/V, anti-spyware, and vulnerability protection
,The decryption mirroring license allows... - ✔✔Decrypted traffic to be sent to a separate collector
The URL filtering license allows... - ✔✔The ability to make security policy rules based on dynamic URL
categories
What are the three different options for URL filtering updates? - ✔✔Brightcloud
Pan-db public
Pan-db private (on-prem appliance)
The virtual systems license allows... - ✔✔PA-3000 to have multiple vsys
PA-4000,5000,5200 and 7000 to have more than default vsys (varies by platform)
What platforms do not support virtual systems - ✔✔PA 800, 500, 200, 220 and VM series
Can you get wildfire updates without a wildfire license? What license allows this? - ✔✔Yes you can,
with the threat prevention license
What types of files can you scan with a WF license - ✔✔PDF
APK
JAVA
Office Suite
How fast can you get wildfire updates if you have a WF license? - ✔✔Real-time, immediately
How often does Palo recommend getting WF updates with a WF license? - ✔✔Every minute
,Can you get WF updates from a WF-500 appliance with the threat prevention license? - ✔✔No, you
need a WF license for this function
Can you deploy Global Protect without a Global Protect license? - ✔✔Yes
What additional Global Protect features does the Global Protect license provide? - ✔✔IPV6
Mobile App
Clientless VPN
What is AutoFocus? - ✔✔Graphical analysis of Firewall logs
What are the three options you can use to activate a license? - ✔✔Retrieve license keys from license
server
Use authorization code
Manually upload using license key
What license activation requires a commit before it becomes functional? - ✔✔WF license
What are the different types of content updates (7)? - ✔✔A/V
APPLICATIONS
APPLICATIONS AND THREATS
GLOBAL PROTECT DATA FILE
GLOBAL PROTECT CLIENTLESS VPN
BRIGHTCLOUD URL FILTERING
WILDFIRE
WF-PRIVATE
, A/V content updates require what license - ✔✔TP
Do application content updates require a license? - ✔✔No, just a valid support contract
Do application and threat content updates require a license? - ✔✔Yes, TP license
What is the purpose of global protect data file content updates? - ✔✔Vendor specific info for
evaluating HIP data returned by Global Protect agent
What license if required for GP data file content updates? - ✔✔GP license
What is the purpose of global protect clientless vpn content updates? - ✔✔App signatures for clientless
access to common web apps
What is the purpose of Brightcloud URL filtering content updates? - ✔✔Used to gather brightcloud URL
filtering DB updates
How often are Brightcloud updates published? - ✔✔Daily
Do you need to schedule PAN-DB URL filtering updates? - ✔✔No, they are pushed automatically
What is the purpose of WF content updates? - ✔✔Realtime MW and A/V sigs
If you only have a threat prevention license, how often can you get WF updates? - ✔✔Every 24 to 48
hours
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Layer. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $15.49. You're not tied to anything after your purchase.
