PCNSE · Question #403
PCNSE Question #403: Real Exam Question with Answer & Explanation
Sign in or unlock PCNSE to reveal the answer and full explanation for question #403. The question stem and answer options stay visible for context.
Question
An enterprise has a large Palo Alto Networks footprint that includes onsite firewalls and Prisma Access for mobile users, which is managed by Panorama. The enterprise already uses GlobalProtect with SAML authentication to obtain IP-to-user mapping information. However, Information Security wants to use this information in Prisma Access for policy enforcement based on group mapping. Information Security uses on-premises Active Directory (AD) but is uncertain about what is needed for Prisma Access to learn groups from AD. How can policies based on group mapping be learned and enforced in Prisma Access?
Options
- AConfigure Prisma Access to learn group mapping via SAML assertion.
- BSet up group mapping redistribution between an onsite Palo Alto Networks firewall and Prisma
- CAssign a master device in Panorama through which Prisma Access learns groups.
- DCreate a group mapping configuration that references an LDAP profile that points to on-premises
Unlock PCNSE to see the answer
You've previewed enough free PCNSE questions. Unlock PCNSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.