Exam NGFW-Engineer topic 1 question 44 discussion

Actual exam question from Palo Alto Networks's NGFW-Engineer
Question #: 44
Topic #: 1

An enterprise uses GlobalProtect with both user- and machine-based certificate authentication and requires pre-logon, OCSP checks, and minimal user disruption. They manage multiple firewalls via Panorama and deploy domain-issued machine certificates via Group Policy.
Which approach ensures continuous, secure connectivity and consistent policy enforcement?

  • A. Use a wildcard certificate from a public CA, disable all revocation checks to reduce latency, and manage certificate renewals manually on each firewall.
  • B. Distribute root and intermediate CAs via Panorama template, use distinct certificate profiles for user versus machine certs, reference an internal OCSP responder, and automate certificate deployment with Group Policy.
  • C. Configure a single certificate profile for both user and machine certificates. Rely solely on CRLs for revocation to minimize complexity.
  • D. Deploy self-signed certificates on each firewall, allow IP-based authentication to override certificate checks, and use default GlobalProtect settings for user / machine identification.
Suggested Answer: B

Comments

Kane4555
1 week, 1 day ago
Selected Answer: B
B. You could know little about the topic presented, and see that A, C, and D contradict the ask of the question.
upvoted 1 times
Seidor_Analytics
2 weeks, 3 days ago
Selected Answer: B
B is the textbook answer for this situation.
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other