U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks PSE-PrismaCloud Exam - Topic 9 Question 56 Discussion

When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)
C) Group14 / SHA-256 / AES-256-GCM / IKE-V1 and E) Group14 / SHA-256 / AES-256-CBC / IKE-V1
A) Group2 / SHA-1 / AES-128-CBC / IKE-V1
B) Group2 / SHA-1 / AES-128-GCM / IKE-V1
D) Group2 / SHA-1 / AES-128-CBC

Palo Alto Networks PSE-PrismaCloud Exam - Topic 9 Question 56 Discussion

Actual exam question for Palo Alto Networks's PSE-PrismaCloud exam
Question #: 56
Topic #: 9
[All PSE-PrismaCloud Questions]

When an on-premises NGFW (customer gateway) is used to connect to the Virtual Gateway, which two IKE profiles cannot be used? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: C, E

Contribute your Thoughts:

0/2000 characters
Alfred
7 months ago
I thought C was also a no-go, but I guess not.
upvoted 0 times
...
Carylon
7 months ago
Definitely A and B, no doubt!
upvoted 0 times
...
Yuriko
7 months ago
Wait, are you sure about that? Seems off.
upvoted 0 times
...
Chu
8 months ago
Totally agree, A and B are the ones!
upvoted 0 times
...
Ilene
8 months ago
I think it's A and B that can't be used.
upvoted 0 times
...
Leila
8 months ago
I’m leaning towards Group2 / SHA-1 / AES-128-CBC being one of the options that can't be used, but I need to double-check that.
upvoted 0 times
...
Buffy
8 months ago
I practiced a similar question, and I think Group14 profiles are generally more secure, so maybe they are allowed?
upvoted 0 times
...
Glendora
8 months ago
I feel like Group2 with SHA-1 is a common choice, but I can't recall if it's compatible with the Virtual Gateway.
upvoted 0 times
...
Leonie
9 months ago
I think I remember that IKE-V1 has some limitations, but I'm not sure which profiles are specifically excluded.
upvoted 0 times
...
Leonard
9 months ago
I've got this! The two IKE profiles that can't be used are A and E. The Virtual Gateway doesn't support IKE-V1 or certain encryption algorithms.
upvoted 0 times
...
Francine
9 months ago
I'm feeling a little lost on this one. Can someone explain the differences between the IKE profiles and how they relate to the on-premises NGFW?
upvoted 0 times
...
Mertie
9 months ago
Okay, let's see. The key is to identify the IKE profiles that don't match the Virtual Gateway's capabilities. I've got a strategy for this.
upvoted 0 times
...
Minna
9 months ago
Hmm, I'm a bit unsure about this one. I'll need to carefully review the options and think through the requirements.
upvoted 0 times
...
Romana
9 months ago
This question seems straightforward, just need to identify the two IKE profiles that can't be used with the on-premises NGFW.
upvoted 0 times
...
Carmen
9 months ago
I think I've got this one. The key is the "by user" part of the command, which means it should return the top 3 statusCode values for each user, not just the overall top 3.
upvoted 0 times
...
Lucy
9 months ago
I think the key is understanding how the nodes in a mesh network are connected. It's not a full mesh where every node connects to every other node, but there are multiple paths between nodes. That's what makes it fault-tolerant.
upvoted 0 times
...
Shawna
9 months ago
I'm confident that the answer is B. JMS:. That makes the most sense to me based on the context of the question.
upvoted 0 times
...
Shala
9 months ago
Hmm, I'm a bit confused. Wouldn't it be better to create a custom URL category and add *.powerball.com to it? That way, we can allow that specific category in the Security Profile and avoid any potential issues with the broader "gambling" category.
upvoted 0 times
...

Save Cancel