A prospect is eager to conduct a Security Lifecycle Review (SLR) with the aid of the Palo Alto Networks NGFW. Which interface type is best suited to provide the raw data for an SLR from the network in a way that is minimally invasive?
A prospect is eager to conduct a Security Lifecycle Review (SLR) with the aid of the Palo Alto Networks NGFW. Which interface type is best suited to provide the raw data for an SLR from the network in a way that is minimally invasive?
In the context of conducting a Security Lifecycle Review (SLR) using a Palo Alto Networks Next-Generation Firewall (NGFW), the Tap interface type is the best suited to provide raw data from the network in a minimally invasive manner. A Tap interface allows the firewall to passively monitor network traffic without interrupting the flow of data, making it ideal for gathering information without impacting the existing network operation. Other interface types such as Layer 2, Layer 3, and Virtual Wire may involve more intrusive configurations or changes to the network.
Palo Alto exams are just a fraud
why is that so?
C is the answer.
Answer is C. Out of the choices presented, utilizing a Tap mode interface connected to a SPAN port is least invasive.
It seems to be C, I found a non-official documentation about it: https://www.exclusive-networks.com/adriatics/palo-alto-networks-slr/#:~:text=The%20Palo%20Alto%20Networks%20Security,risks%20faced%20by%20an%20organization. The typical and most basic SLR deployment will use TAP mode interfaces, where the firewall can be connected to a core switch’s span port to identify applications running on the network. This option requires no changes to the existing network design.
https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-networking-admin/configure-interfaces/tap-interfaces
tap makes sense to me, but only docs I can see online reference Cortex
C because question asks for "minimally invasive".