Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 576

Your company occupies one floor in a single building. You have two Active Directory domain controllers on a single network. The firewall's management-plane resources are lightly utilized.
Given the size of this environment, which User-ID collection method is sufficient?

Answer options

• A. Windows-based agent deployed on each domain controller
• B. PAN-OS integrated agent deployed on the firewall
• C. a syslog listener
• D. Citrix terminal server agent deployed on the network

Correct answer: B

Explanation

The PAN-OS integrated agent deployed on the firewall is the correct choice because it efficiently utilizes the existing resources of the firewall while collecting user identity information. The other options, such as a Windows-based agent or syslog listener, may add unnecessary complexity or resource consumption given the environment's scale.