Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Correct options should be B and C:
To dynamically register tags, you can use:
- the XML API
- the User-ID agent
- Panorama
- the web interface on the firewall
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamic-user-groups
This question should be reviewed further, according the documentation here is the statement: "You can then use these tags to automatically populate policy objects such as dynamic user groups or dynamic address groups, which can then be used to automate security actions in security, authentication, or decryption policies"
Depending on the type of log you want to use for tagging, create a log forwarding profile or configure the log settings to define how you want the firewall or Panorama to handle logs.
For Authentication, Data, Threat, Traffic, Tunnel Inspection, URL, and WildFire logs, create a log forwarding profile.
For User-ID, GlobalProtect, and IP-Tag logs, configure the log settings
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-auto-tagging-to-automate-security-actions
To dynamically register tags, you can use:
the XML API
the User-ID agent
Panorama
the web interface on the firewall
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamic-user-groups
answer: BD
https://docs.paloaltonetworks.com/best-practices/10-1/user-id-best-practices/user-id-best-practices/user-id-best-practices-for-dynamic-user-groups
Firewall logs - create a log forwarding profile and use the Built-In Actions
Custom API scripts
B and D are the answers. See the text from PCNSE Study Guide:
Several methods are available to tag or untag usernames. As shown in the following screenshot (in the book), you can manually tag and untag usernames by using the web interface. Usernames can also be tagged and untagged by using the auto-tagging feature in a Log Forwarding Profile. (NOTE: I have practically done both.). You also can program another utility to invoke the PAN-OS XML API commands to tag or untag usernames. (NOTE: I've not tried XML API myself tho.
Its B and D, "You can manually tag and untag usernames using the web interface. Usernames can also be tagged and untagged by using the auto-tagging feature in a log forwarding profile or by programming another utility to invoke PAN-OS XML API commands. "
Got this from a file called EDU-210-10.1a-M12-UserID-1.pdf which is can be access in the EDU-210 training course.
They are askting to tag a specific user. From the given options it mus be B and C. I agree that you would need D to scan your logs and automatically tag users if something happens but the answer does not match the question.
A is out of question
In the Palo Alto trainings they mention two ways to populate dynamic user group (DUG):
1. XML API
2. Log forwarding auto-tagging
In other words, how would you automatically include tagged usernames using Panorama or Web interface?!
- The answer is, you do that through defining a filter & an action in Dynamic user groups, followed by Log forwarding configuration, if you don't activate the log forwarding auto-tagging in the security policy, then the Dynamic user group (DUG) will NOT be populated....you can test it yourself in any Palo Alto firewall.
Without 'Log forwarding auto-tagging' attached to your security policy, the defined log filter & it's action in DUG will NOT forward any recognised username - which matches the predefined filter & action - to the dynamic user group
So the answer is B & D
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
nabilzay
Highly Voted 3 years, 3 months agoAaronyukin
Most Recent 6 months, 2 weeks agoVeasna_shadow
7 months, 1 week agokenyabolada
8 months, 2 weeks agoKalender
10 months, 2 weeks agoguuillauume
10 months, 2 weeks agoo0ZACK0o
1 year ago[Removed]
1 year agofb48
1 year, 1 month agoOhEmGee
1 year, 1 month agomecacig953
1 year, 1 month agonuWat
1 year, 5 months agoz8d21oczd
1 year, 8 months agocommandlineclown
1 year, 10 months agojavim
1 year, 10 months agokewokil120
1 year, 10 months agoolexx
2 years agoCyril_the_Squirl
2 years, 5 months agoramasamymuthiah
2 years, 11 months ago