Exam NGFW-Engineer Topic 2 Question 83 Discussion

Actual exam question for Palo Alto Networks's NGFW-Engineer exam
Question #: 83
Topic #: 2
An administrator plans to upgrade a pair of active/passive firewalls to a new PAN-OS release.
The environment is highly sensitive, and downtime must be minimized.
What is the recommended upgrade process for minimal disruption in this high availability (HA) scenario?

Suggested Answer: A Vote an answer

In an active/passive HA setup, the recommended process for upgrading involves minimizing downtime and ensuring traffic continuity by using the failover process:
Suspend the active firewall: This triggers a failover to the passive unit, making it the active unit.
Upgrade the former passive (now active) unit: With traffic now running on the previously passive unit, upgrade the suspended unit while the active unit continues handling traffic.
Confirm proper operation: Once the upgrade is complete, verify that the upgraded unit is functioning properly.
Fail traffic back: Once the upgraded firewall is confirmed to be working, fail the traffic back to the original active unit and upgrade the remaining firewall.

by Richard at Jun 11, 2026, 06:48 PM

Limited Time Offer

15%

Off

Get Premium NGFW-Engineer Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10