Palo Alto Networks NetSec-Pro - Palo Alto Networks Certified Network Security Professional Certification Exam
Question #6 (Topic: Demo Questions)
What statuses may appear when devices are added to the controller’s Devices inventory list?
Correct Answer: A, B, C
Explanation:
Prisma SD-WAN device inventory can show statuses such as Unclaimed , Offline , and Online-Restricted to indicate onboarding and communication state.
[Reference:https://docs.paloaltonetworks.com/prisma-sd-wan/, ]
Question #7 (Topic: Demo Questions)
Which component of NGFW is supported in active/passive design but not in active/active design?
Correct Answer: A
Explanation:
Single floating IP address (also known as a floating IP or shared IP) is supported only in an active/passive HA pair. In active/active HA, both firewalls are forwarding traffic simultaneously and thus do not share a single floating IP.
Single floating IP address (also known as a floating IP or shared IP) is supported only in an active/passive HA pair. In active/active HA, both firewalls are forwarding traffic simultaneously and thus do not share a single floating IP.
“In active/passive HA, a single floating IP address is used for seamless failover. Active/active HA requires separate IP addresses and does not support a single floating IP.”
(Source: Active/Passive vs. Active/Active HA)
This simplifies failover in active/passive deployments by using a single shared IP that moves to the active peer upon failover.
Question #8 (Topic: Demo Questions)
Which two security services are required for configuration of NGFW Security policies to protect against malicious and misconfigured domains? (Choose two.)
Correct Answer: A, D
Explanation:
Protecting against malicious and misconfigured domains requires two critical services: