NGFW-ENGINEER · Question #97
NGFW-ENGINEER Question #97: Real Exam Question with Answer & Explanation
Sign in or unlock NGFW-ENGINEER to reveal the answer and full explanation for question #97. The question stem and answer options stay visible for context.
Question
An organization must secure its AWS and Azure environments using a managed Palo Alto Networks solution, and all policies must be synchronized from an existing Panorama deployment. The organization wants to insert security with the least possible impact on its application teams and use existing hub-and-spoke network designs. - The AWS environment uses a centralized AWS Transit Gateway (TGW) architecture. - The Azure environment uses a Virtual WAN (vWAN) hub. Which two actions are the most appropriate in this use case? (Choose two.)
Options
- ADeploy Cloud NGFW endpoints in every application virtual private cloud (VPC), ignoring the TGW.
- BDeploy Cloud NGFW into the vWAN hub as a trusted security partner, and update routing policies
- CDeploy individual VM-Series firewalls in each spoke virtual network (VNet) and manage them as a
- DDeploy Cloud NGFW endpoints into a security virtual private cloud (VPC), and adjust the TGW
Unlock NGFW-ENGINEER to see the answer
You've previewed enough free NGFW-ENGINEER questions. Unlock NGFW-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.