View threat and traffic information Logs and Reports

View Threat and Traffic Information 

In the Dashboard

The Dashboard

Widgets for Viewing Threat Information

Widgets for Viewing Application Information

Global Filters and local

Widgets on the ACC Network Activity and Threat Activity Tabs

In the logs

Firewall Logging Overview

Correlation Engine, Objects, and Events

App Scope Reports

App Scope Reports: What’s Available?

In predefined reports

Firewall Logging and Reporting Overview

In custom reports

Forward threat and traffic information to external services

Device Telemetry

Firewall Log Forwarding Review

Configure a Server Profile: Syslog Example

1. In the Palo Alto Networks Application Command Center (ACC), which filter allows you to limit the display to the details you care about right now and to exclude the unrelated information from the current display?

a. Local NO

b. Group NO

c. Global

d. Universal NO

2. What feature on the Next Generation firewall can be used to identify, in real time, the applications taking up the most bandwidth?

a. Quality of Service Log

b. Applications Report No

c. Application Command Center (ACC)

d. Quality of Service Statistics

3. What are the three pre-defined tabs in the Next Generation firewall Application Command Center (ACC)?

a. Threat Activity

b. Application Traffic NO

c. Network Traffic

d. Blocked Activity

4. On the Palo Alto Networks Next Generation Firewall, which is the default port for transporting Syslog traffic?

a. 8080

b. 443

c. 514

d. 6514 NO

5. Which two actions affect all of the widgets in the Application Command Centre?

a. setting a global search

b. setting a global filter 

c. setting a local filter

d. setting a time range 

6. Which two firewall features display information using widgets?

a. Botnet report

b. ACC 

c. Traffic log

d. Dashboard 

7. True or false? You can customize the list of logs that are aggregated into the Unified log.

True 

8. Which statement about the automated correlation engine is not correct?

a. It is available only in Panorama 

b. It outputs correlation events.

c. It uses correlation objects as input.

d. It detects possible infected hosts.

9. True or false? SNMP GET requests to a firewall return operational statistics, and SNMP SET requests update the firewall configuration.

False 

10. Which statement about the predefined reports is not correct?

a. They are generated daily by default NO

b. They are emailed daily to users

c. There are more than 40 predefined reports

d. They are grouped in 5 categories

Comments