PCNSE: Which external authentication services can firewall use to authenticate admins into Palo Alto Networks NGFW 

Understand how Palo Alto Networks NGFW uses RADIUS, TACACS+, and LDAP for admin authentication. No local admin account needed.

Question

Which three external authentication services can the firewall use to authenticate admins into the Palo Alto Networks NGFW without creating administrator account on the local firewall? (Choose three.)

A. TACACS+
B. Kerberos
C. SAML
D. RADIUS
E. LDAP

Answer

A. TACACS+
D. RADIUS
E. LDAP

Explanation

The firewall can use RADIUS, TACACS+, and LDAP to authenticate admins into the Palo Alto Networks NGFW without creating an administrator account on the local firewall.

RADIUS (Remote Authentication Dial-In User Service) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service.

TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services.

LDAP (Lightweight Directory Access Protocol) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.

Palo Alto Networks Certified Network Security Engineer PCNSE certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Palo Alto Networks Certified Network Security Engineer PCNSE exam and earn Palo Alto Networks Certified Network Security Engineer PCNSE certification.