View all questions & answers for the Palo Alto Next-Generation Firewall Engineer Exam Materials exam


Question 55 Discussion

Which two services are configured by applying an SSL/TLS service profile? (Choose two answers)

  • A. GlobalProtect portal
  • B. Log forwarding to Strata Logging Service
  • C. Forward-Trust certificate
  • D. Syslog server monitoring
Correct Answer: A,D

Brave-Dump Clients Votes

AD 100%

Comments



Yomna Adel Abdelhameed Mohamed 2025-12-25 18:05:39

Selected Answers: A, D


I think the correct answer (A, D)
  • Brave-Dumps Admin 2025-12-25 22:38:24
    Please explain why or write a reference

Franck 2026-01-11 16:33:14

Selected Answers: A, D


To answer this question, it's important to remember the purpose of an SSL/TLS Service Profile in PAN-OS.

An SSL/TLS Service Profile is used to configure firewall services that require a certificate when establishing an outbound TLS connection or when providing a TLS service.

Services typically associated with an SSL/TLS Service Profile include:

- GlobalProtect Portal/Gateway

- Syslog over TLS

- Email (SMTP) over TLS

- OCSP/SCEP

- User-ID over TLS

- Telemetry

- LDAP over SSL

In contrast, an SSL/TLS Service Profile is not related to:

- The Forward Trust certificate (it's a certificate, not a service)

- Strata Logging Service (uses internal certificates, not an SSL/TLS profile)

Ayesha 2026-01-24 19:00:21

Selected Answers: A, D


An SSL/TLS Service Profile is used to define the server certificate and TLS protocol versions for services where the firewall acts as a server (listening for connections) or specific secure client services. According to the administration guide, the services that utilize an SSL/TLS Service Profile are:

GlobalProtect Portals and Gateways

User-ID Syslog Listening Service

Captive Portal (Authentication Portal)

Management Interface (Web UI)

User-ID Agent