Skip to Content

PCNSE: Which parts of Panorama Template Engineer can Configure

By: Author Alex Lim

Posted on

Categories Exam

Focus on Panorama template configuration. Learn about Service Route Configuration, NTP Server Address, and Authentication Profile settings for effective firewall management.

Table of Contents

Question

An engineer is configuring a template in Panorama which will contain settings that need to be applied to all firewalls in production.

Which three parts of a template an engineer can configure? (Choose three.)

A. Service Route Configuration
B. Dynamic Address Groups
C. NTP Server Address
D. Antivirus Profile
E. Authentication Profile

Answer

A. Service Route Configuration
C. NTP Server Address
E. Authentication Profile

Explanation

In the context of configuring a template in Panorama for Palo Alto Networks firewalls, an engineer can configure the following three parts:

  1. Service Route Configuration (Option A): This allows the engineer to specify the path that management traffic takes to reach its destination. By default, all management traffic is routed through the management interface of the firewall. However, with service routes, the engineer can configure the firewall to use a dataplane interface for certain types of traffic.
  2. NTP Server Address (Option C): The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source. In a Panorama template, the engineer can specify the NTP Server Address to ensure all firewalls in production have synchronized time settings.
  3. Authentication Profile (Option E): Authentication profiles define the methods and servers that firewalls use to authenticate administrators, end users, and devices. The engineer can configure these profiles in a Panorama template and apply them to all firewalls in production.

While Dynamic Address Groups (Option B) and Antivirus Profile (Option D) are important components of a firewall’s configuration, they are typically defined in the security policy and objects respectively, rather than in the Panorama template.

Palo Alto Networks Certified Network Security Engineer PCNSE certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Palo Alto Networks Certified Network Security Engineer PCNSE exam and earn Palo Alto Networks Certified Network Security Engineer PCNSE certification.