A remote administrator needs access to the firewall on an untrust interface. Which three options would you configure on an Interface Management profile to secure management access? (Choose three.)
A remote administrator needs access to the firewall on an untrust interface. Which three options would you configure on an Interface Management profile to secure management access? (Choose three.)
To secure management access to the firewall on an untrust interface, you should configure Permitted IP Addresses to restrict which IP addresses can access the interface, SSH for secure encrypted command-line access, and HTTPS for secure encrypted web access. HTTP is not secure because it transmits data in cleartext, and User-ID is used for identifying users and their activities rather than securing management access.
It's ABC
ABC, how is enabling HTTP securing your access?
By ovbious reasons it will be ABC. Others are insecure.
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access
BCD https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/configure-interfaces/use-interface-management-profiles-to-restrict-access.html
Its ABC, the doc you reference says that user-id is used to "Redistribute User Mappings and Authentication Timestamps"
D can't be an answer because: "... and never enable HTTP or Telnet access because those protocols transmit in cleartext." as it is stated on the question that you should "secure" access, not just permit it. Reference: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/networking/configure-interfaces/use-interface-management-profiles-to-restrict-access
A, B and C correct
It's so obvious
ABC Do not use HTTP or Telnet for any management interface profile because those protocols transmit in cleartext. https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access
It's ABC
Http is not secure
A, B, C