Palo Alto Networks Certified Next-Generation Firewall Engineer

To maintain security efficacy of its public cloud resources by using native tools, a company purchases Cloud NGFW credits to replicate the Panorama, PA-Series, and VM-Series devices used in physical data centers. Resources exist on AWS and Azure:

The AWS deployment is architected with AWS Transit Gateway, to which all resources connect

The Azure deployment is architected with each application independently routing traffic

The engineer deploying Cloud NGFW in these two cloud environments must account for the following:

Minimize changes to the two cloud environmentsScale to the demands of the applications while using the least amount of compute resourcesAllow the company to unify the Security policies across all protected areasWhich two implementations will meet these requirements? (Choose two.)

During an upgrade to the routing infrastructure in a customer environment, the network administrator wants to implement Advanced Routing Engine (ARE) on a Palo Alto Networks firewall.

Which firewall models support this configuration?

Which two statements apply to configuring required security rules when setting up an IPSec tunnel between a Palo Alto Networks firewall and a third- party gateway? (Choose two.)

Which statement describes the role of Terraform in deploying Palo Alto Networks NGFWs?

By default, which type of traffic is configured by service route configuration to use the management interface?