Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam NetSec-Generalist Topic 5 Question 8 Discussion

Actual exam question for Palo Alto Networks's NetSec-Generalist exam
Question #: 8
Topic #: 5
[All NetSec-Generalist Questions]

All branch sites in an organization have NGFWs running in production, and the organization wants to centralize its logs with Strata Logging Service.

Which type of certificate is required to ensure connectivity from the NGFWs to Strata Logging Service?

Show Suggested Answer Hide Answer
Suggested Answer: C

To centralize logs from NGFWs to the Strata Logging Service, a Root Certificate Authority (Root CA) certificate is required to ensure secure connectivity between firewalls and Palo Alto Networks' cloud-based Strata Logging Service.

Why a Root Certificate is Required?

Authenticates Firewall Connections -- Ensures NGFWs trust the Strata Logging Service.

Enables Encrypted Communication -- Protects log integrity and confidentiality.

Prevents Man-in-the-Middle Attacks -- Ensures secure TLS encryption for log transmission.

Why Other Options Are Incorrect?

A . Device

Incorrect, because Device Certificates are used for firewall management authentication, not log transmission to Strata Logging Service.

B . Server

Incorrect, because Server Certificates authenticate service endpoints, but firewalls need to trust a Root CA for secure logging connections.

D . Intermediate CA

Incorrect, because Intermediate CA certificates are used for validating certificate chains, but firewalls must trust the Root CA for establishing secure connections.

Reference to Firewall Deployment and Security Features:

Firewall Deployment -- Ensures secure log transmission to centralized services.

Security Policies -- Prevents log tampering and unauthorized access.

VPN Configurations -- Ensures VPN logs are securely sent to the Strata Logging Service.

Threat Prevention -- Ensures firewall logs are analyzed for security threats.

WildFire Integration -- Logs malware-related events to the cloud for analysis.

Zero Trust Architectures -- Ensures secure logging of all network events.

Thus, the correct answer is: C. Root


by Gayla at Mar 23, 2025, 09:37 AM

Limited Time Offer

25%

Off

Get Premium NetSec-Generalist Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gerald
1 hours ago
Wait, isn't a Device certificate used for, well, devices? I feel like that might be the right answer here, since the NGFWs are the devices we're talking about.
upvoted 0 times
...
Ligia
1 days ago
I'm not sure, but I think it might be C) Root certificate.
upvoted 0 times
...
Valene
2 days ago
Haha, I bet the answer is 'D. Intermediate CA'. That's the one that makes the most sense to me. Gotta love those certification exams and their tricky wording!
upvoted 0 times
...
Tresa
5 days ago
Hmm, I'm not so sure. Wouldn't a Root or Intermediate CA certificate be more appropriate in this case? I mean, we need to establish a chain of trust, right?
upvoted 0 times
...
Katlyn
8 days ago
I agree with Barbra, because Intermediate CA certificates are used for secure communication between devices and servers.
upvoted 0 times
...
Barbra
13 days ago
I think the answer is D) Intermediate CA.
upvoted 0 times
...
Sylvia
14 days ago
I think a Server certificate would be the best option to ensure secure connectivity between the NGFWs and the Strata Logging Service. After all, the logging service is the server we're connecting to.
upvoted 0 times
Josephine
3 days ago
A) Device
upvoted 0 times
...
...

Save Cancel