A remote administrator needs firewall access on an untrusted interface. Which two components are required on the firewall to configure certificate-based administrator authentication to the web UI? (Choose two.)
B and C. Step 1. Generate a CA certificate ON THE FIREWALL. Step 2. Create a certificate profile for securing access to the web interface. The cruxt of the question is what is needed ON THE FIREWALL
BC -
Just worked through the links and you can't have the config on FW without the cert profile (Configure the firewall to use the certificate profile for authenticating administrators on the interface.) You also need the CA cert to generate the client certs for the admins, but then you will export them and don't need them anymore on the fw!?! Correct me if I'm wrong here, haven't LABed it yet. So answer CAcert & cert profile.
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/firewall-administration/manage-firewall-administrators/configure-administrative-accounts-and-authentication/configure-certificate-based-administrator-authentication-to-the-web-interface
You need a CA, cert profile and client cert.
You are 100% correct, however the question mentions " Which two components are required on the firewall" , so I guess it should be CA and Cert Profile. (BC)
This section is not available anymore. Please use the main Exam Page.PCNSE Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
GBD35055
Highly Voted 1 year agoTAKUM1y
Highly Voted 11 months, 2 weeks agohz78
Most Recent 5 months, 1 week agoadoua
10 months agomz101
11 months agobimyo
1 year agoDrNick0
1 year, 1 month agosujss
8 months, 3 weeks agomillosz222
1 year, 1 month ago