Palo Alto Networks (PANW) Certified Network Security Administrator (PCNSA) Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Palo Alto Networks Certified Network Security Administrator Exam with flashcards and multiple choice questions. Each question includes hints and explanations to boost your confidence and readiness!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What capability can be used when running PA-200 firewalls in HA active/passive mode using HA-Lite?

  1. Session Synchronization

  2. Configuration Sync

  3. Shared Addressing

  4. Stateful Failover

The correct answer is: Configuration Sync

In an HA active/passive setup using HA-Lite with PA-200 firewalls, the functionality of Configuration Sync is essential. Configuration Sync allows the primary (active) firewall to synchronize its configuration settings with the secondary (passive) firewall. This ensures that both firewalls have the same configuration, allowing for a seamless transition should a failover occur. When one firewall takes over as the active unit, it can do so without the need for manual intervention to replicate the configuration settings. This is vital for maintaining continuity in network security policies and rules, as well as ensuring that the correct set of configurations is applied during an active failover event. In the context of HA-Lite, which is a simplified version of High Availability, some advanced features like Session Synchronization or Stateful Failover are not available, focusing instead on providing essential redundancy via configuration consistency. Thus, Configuration Sync is indeed the right capability in this scenario.

More Questions Like This