Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam NetSec-Generalist Topic 5 Question 8 Discussion

Actual exam question for Palo Alto Networks's NetSec-Generalist exam
Question #: 8
Topic #: 5
[All NetSec-Generalist Questions]

All branch sites in an organization have NGFWs running in production, and the organization wants to centralize its logs with Strata Logging Service.

Which type of certificate is required to ensure connectivity from the NGFWs to Strata Logging Service?

Show Suggested Answer Hide Answer
Suggested Answer: C

To centralize logs from NGFWs to the Strata Logging Service, a Root Certificate Authority (Root CA) certificate is required to ensure secure connectivity between firewalls and Palo Alto Networks' cloud-based Strata Logging Service.

Why a Root Certificate is Required?

Authenticates Firewall Connections -- Ensures NGFWs trust the Strata Logging Service.

Enables Encrypted Communication -- Protects log integrity and confidentiality.

Prevents Man-in-the-Middle Attacks -- Ensures secure TLS encryption for log transmission.

Why Other Options Are Incorrect?

A . Device

Incorrect, because Device Certificates are used for firewall management authentication, not log transmission to Strata Logging Service.

B . Server

Incorrect, because Server Certificates authenticate service endpoints, but firewalls need to trust a Root CA for secure logging connections.

D . Intermediate CA

Incorrect, because Intermediate CA certificates are used for validating certificate chains, but firewalls must trust the Root CA for establishing secure connections.

Reference to Firewall Deployment and Security Features:

Firewall Deployment -- Ensures secure log transmission to centralized services.

Security Policies -- Prevents log tampering and unauthorized access.

VPN Configurations -- Ensures VPN logs are securely sent to the Strata Logging Service.

Threat Prevention -- Ensures firewall logs are analyzed for security threats.

WildFire Integration -- Logs malware-related events to the cloud for analysis.

Zero Trust Architectures -- Ensures secure logging of all network events.

Thus, the correct answer is: C. Root


by Gayla at Mar 23, 2025, 09:37 AM

Limited Time Offer

25%

Off

Get Premium NetSec-Generalist Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ona
5 days ago
Ugh, these certification questions are the worst. I'm just going to close my eyes and pick one. Maybe I'll get lucky and it'll be the right answer!
upvoted 0 times
...
Shizue
8 days ago
I'm going with 'C. Root' certificate. It's the big daddy of all certificates, so it should work, right? Plus, it sounds like the most secure option.
upvoted 0 times
...
Elke
9 days ago
I believe it's D) Intermediate CA, as it acts as a bridge between the Root CA and the end-entity certificate.
upvoted 0 times
...
Gerald
12 days ago
Wait, isn't a Device certificate used for, well, devices? I feel like that might be the right answer here, since the NGFWs are the devices we're talking about.
upvoted 0 times
...
Ligia
13 days ago
I'm not sure, but I think it might be C) Root certificate.
upvoted 0 times
...
Valene
14 days ago
Haha, I bet the answer is 'D. Intermediate CA'. That's the one that makes the most sense to me. Gotta love those certification exams and their tricky wording!
upvoted 0 times
...
Tresa
17 days ago
Hmm, I'm not so sure. Wouldn't a Root or Intermediate CA certificate be more appropriate in this case? I mean, we need to establish a chain of trust, right?
upvoted 0 times
...
Katlyn
20 days ago
I agree with Barbra, because Intermediate CA certificates are used for secure communication between devices and servers.
upvoted 0 times
...
Barbra
25 days ago
I think the answer is D) Intermediate CA.
upvoted 0 times
...
Sylvia
26 days ago
I think a Server certificate would be the best option to ensure secure connectivity between the NGFWs and the Strata Logging Service. After all, the logging service is the server we're connecting to.
upvoted 0 times
Josephine
15 days ago
A) Device
upvoted 0 times
...
...

Save Cancel