Palo Alto Networks Certified Strata Field Engineer (PCSFE) — Question 22

A system engineer is working on the Proof of Concept (POC) for Cloud Next-Generation Firewall (NGFW) for Azure using an existing Panorama setup. However, connection with the Cloud NGFW instance. What could be the cause of this issue?

Answer options

• A. There has not been an upgrade to the PAN-OS 10.2.
• B. Cloud NGFW plugin has not been installed.
• C. Valid device certificate is missing.
• D. Necessary ports 8443 and 443 for communication between Cloud NGFW and Panorama are blocked.

Correct answer: C

Explanation

The correct answer is C, as a valid device certificate is essential for establishing a secure connection between the Panorama and Cloud NGFW. Without this certificate, the connection cannot be authenticated. Options A and B may hinder functionality, but they do not directly prevent connection like the missing certificate does. Option D pertains to network port accessibility, which is also important but not the primary cause in this context.