nerdexam
ExamsNGFW-ENGINEERQuestions#57
Palo_Alto_NetworksPalo_Alto_Networks

NGFW-ENGINEER · Question #57

NGFW-ENGINEER Question #57: Real Exam Question with Answer & Explanation

The correct answer is A: Tunnel. When configuring a new security zone on a Palo Alto Networks firewall, the two valid zone types Tunnel: A Tunnel zone is used for traffic that is associated with a VPN tunnel, such as IPSec tunnels. Traffic passing through a tunnel interface is classified into this zone. Virtual

Configure Network Interfaces and Zones

Question

Which two zone types are valid when configuring a new security zone? (Choose two.)

Options

  • ATunnel
  • BIntrazone
  • CInternal
  • DVirtual Wire

Explanation

When configuring a new security zone on a Palo Alto Networks firewall, the two valid zone types Tunnel: A Tunnel zone is used for traffic that is associated with a VPN tunnel, such as IPSec tunnels. Traffic passing through a tunnel interface is classified into this zone. Virtual Wire: A Virtual Wire zone is used when a firewall operates in transparent mode (also known as Layer 2 mode). In this configuration, the firewall can inspect traffic without modifying the IP address structure of the network.

Topics

#Security Zones#Network Interfaces#Palo Alto NGFW#Firewall Configuration

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full NGFW-ENGINEER PracticeBrowse All NGFW-ENGINEER Questions