Exam : SD-WAN-Engineer
Title : Palo Alto Networks SD-WAN Engineer
https://www.passcert.com/SD-WAN-Engineer.html
Download Valid SD-WAN-Engineer Exam Dumps for Best Preparation
1. When identifying devices for IoT classification purposes, which two methods does Prisma SD-WAN use
to discover devices that are not directly connected to the branch ION? (Choose two.)
A. LLDP
B. CDP
C. SNMP
D. Syslog
Answer: C, D
Explanation:
Comprehensive and Detailed Explanation
Prisma SD-WAN (formerly CloudGenix) integrates with Palo Alto Networks IoT Security to provide
comprehensive visibility into all devices at a branch, including those that are not directly connected to the
ION device. While the ION automatically detects and classifies devices connected directly to its interfaces
via traffic inspection (DPI), DHCP, and ARP analysis, gaining visibility into off-branch devices (devices
connected to downstream switches or access points) requires additional discovery mechanisms that can
query the network infrastructure or ingest its logs.
1. SNMP (Simple Network Management Protocol): This is the primary active discovery method for
off-branch devices. The Prisma SD-WAN ION device acts as a sensor that actively polls local network
switches and wireless controllers using SNMP. By querying the ARP tables and MAC address tables
(Bridge MIBs) of these intermediate network devices, the ION can identify endpoints that are connected to
the switch ports, even if those endpoints are not currently sending traffic through the ION. This allows the
system to map the topology and discover silent or lateral-traffic-only devices.
2. Syslog: In conjunction with SNMP, the IoT Security solution can utilize Syslog messages to discover
and profile devices. Network infrastructure devices (like switches and WLAN controllers) can be
configured to send Syslog messages to the collection point (which enables the IoT Security service)
whenever a device connects or disconnects (e.g., port up/down events, DHCP snooping logs, or
802.1X authentication logs). These logs provide real-time data about device presence and identity
(MAC/IP mappings) for devices that are not directly adjacent to the ION, ensuring 100% visibility across
the branch network segments.
LLDP (A) and CDP (B) are typically Link Layer discovery protocols used for discovering directly
connected neighbors and do not propagate beyond the immediate link, making them unsuitable for
discovering devices multiple hops away or behind a switch.
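The correlation described in the explanation above, as an added example (not Prisma SD-WAN's or this page's own code): it merges SNMP-polled ARP and MAC-table rows with syslog events into one inventory and lists the devices the ION never saw directly. The syslog layout, the function names and all sample values are assumptions constructed for the illustration.

```python
import re

def norm_mac(raw):
    """Normalise aa:bb:.., AA-BB-.. and aabb.ccdd.eeff to lower-case colon form."""
    hexd = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(hexd) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(hexd[i:i + 2] for i in range(0, 12, 2))

# Hypothetical syslog layout (constructed for this example, not a vendor format).
SYSLOG_RE = re.compile(r"mac=(?P<mac>\S+)\s+ip=(?P<ip>\S+)\s+port=(?P<port>\S+)")

def build_inventory(arp_rows, fdb_rows, syslog_lines):
    """Merge polled ARP rows (ip, mac), polled MAC-table rows (mac, port)
    and syslog events into one record per normalised MAC address."""
    inv = {}
    def rec(mac, source):
        r = inv.setdefault(norm_mac(mac), {"ip": None, "port": None, "sources": set()})
        r["sources"].add(source)
        return r
    for ip, mac in arp_rows:
        rec(mac, "snmp-arp")["ip"] = ip
    for mac, port in fdb_rows:
        rec(mac, "snmp-fdb")["port"] = port
    for line in syslog_lines:
        m = SYSLOG_RE.search(line)
        if m:  # ignore messages that carry no MAC/IP binding
            r = rec(m["mac"], "syslog")
            r["ip"], r["port"] = r["ip"] or m["ip"], r["port"] or m["port"]
    return inv

def off_branch(inv, seen_by_ion):
    """MACs known only via switch polling or logs, never seen directly by the ION."""
    direct = {norm_mac(m) for m in seen_by_ion}
    return sorted(m for m in inv if m not in direct)

# Constructed sample data: two ARP rows, three MAC-table rows, two syslog lines.
ARP = [("10.1.20.11", "AA-BB-CC-00-00-01"), ("10.1.20.12", "aabb.cc00.0002")]
FDB = [("aa:bb:cc:00:00:01", "Gi0/3"), ("aa:bb:cc:00:00:02", "Gi0/5"),
       ("aa:bb:cc:00:00:04", "Gi0/9")]  # silent device: MAC learned, no ARP entry
SYSLOG = ["<134>Jan 10 10:00:01 sw1 dhcp-snoop: binding added mac=aa:bb:cc:00:00:03 ip=10.1.20.33 port=Gi0/7",
          "<134>Jan 10 10:00:05 sw1 link: port Gi0/8 down"]
SEEN_BY_ION = ["aa:bb:cc:00:00:01"]

if __name__ == "__main__":
    inventory = build_inventory(ARP, FDB, SYSLOG)
    for mac in off_branch(inventory, SEEN_BY_ION):
        print(mac, inventory[mac])
```

The device ending in `:04` appears only in the MAC table, so it has a switch port but no IP address: the "silent" case the explanation attributes to SNMP polling.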
2. A network administrator is troubleshooting a critical SaaS application, “SuperSaaSApp”, that is
experiencing connectivity issues. Initially, the configured active and backup paths for the application were
reported as completely down at Layer 3. The Prisma SD-WAN system attempted to route traffic for the
application over an L3 failure path that was explicitly configured as a Standard VPN to Prisma Access.
However, users are still reporting a complete outage for the application and monitoring tools show
application flows being dropped when attempting to use the Standard VPN L3 failure path, even though
the tunnel itself appears to be up. The administrator suspects a policy misconfiguration related to how the
Standard VPN path interacts with destination groups.
What is the most likely reason for flows being dropped when attempting to use the Standard VPN L3
failure path?
A. The “Move Flows Forced” action was not enabled in the performance policy for “SuperSaaSApp”,
preventing the system from actively shifting traffic to the L3 failure path.
B. The path policy rule for “SuperSaaSApp” has the “Required” checkbox selected for its Service & DC