NETSEC-ANALYST Exam Questions

Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Which two statements are correct about App-ID content updates? (Choose two.)

Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environm...

Which statement is true regarding a Best Practice Assessment?

Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?

Choose the option that correctly completes this statement. A Security Profile can block or allow traffic ____________.

When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

Which interface does not require a MAC or IP address?

A company moved its old port-based firewall to a new Palo Alto Networks NGFW 60 days ago. Which utility should the company use to identify out-of-date or unused rules on the firewa...

What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

Recently changes were made to the firewall to optimize the policies and the security team wants to see if those changes are helping. What is the quickest way to reset the hit count...

Which two App-ID applications will need to be allowed to use Facebook-chat? (Choose two.)

Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?

Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP-to-user mappings as so...

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2...

In which stage of the Cyber-Attack Lifecycle would the attacker inject a PDF file within an email?

Identify the correct order to configure the PAN-OS integrated USER-ID agent. 3. add the service account to monitor the server(s) 2. define the address of the servers to be monitore...

Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. Complete the security policy to ensure only Telnet is allowed. Security Policy: Source Zone...

Based on the security policy rules shown, ssh will be allowed on which port?

Which license must an Administrator acquire prior to downloading Antivirus Updates for use with the firewall?

An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the admi...

Given the topology, which zone type should zone A and zone B to be configured with?

Which interface type is used to monitor traffic and cannot be used to perform traffic shaping?

Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?

Which administrator type utilizes predefined roles for a local administrator account?

Which two security profile types can be attached to a security policy? (Choose two.)

Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

Given the image, which two options are true about the Security policy rules. (Choose two.)

Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?

Which two statements are correct regarding multiple static default routes when they are configured as shown in the image? (Choose two.)

Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can run malicious code against a targeted machine.

Which file is used to save the running configuration with a Palo Alto Networks firewall?

In the example security policy shown, which two websites would be blocked? (Choose two.)

Which Palo Alto Networks component provides consolidated policy creation and centralized management?

Which statement is true regarding a Prevention Posture Assessment?

Which five Zero Trust concepts does a Palo Alto Networks firewall apply to achieve an integrated approach to prevent threats? (Choose five.)

The PowerBall Lottery has reached a high payout amount and a company has decided to help employee morale by allowing employees to check the number, but doesn't want to unblock the...

Which service protects cloud-based applications such as Dropbox and Salesforce by administering permissions and scanning files for sensitive information?

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (...

Which update option is not available to administrators?

A server-admin in the USERS-zone requires SSH-access to all possible servers in all current and future Public Cloud environments. All other required connections have already been e...

How often does WildFire release dynamic updates?

What is the minimum timeframe that can be set on the firewall to check for new WildFire signatures?

A network has 10 domain controllers, multiple WAN links, and a network infrastructure with bandwidth needed to support mission-critical applications. Given the scenario, which type...

What must you configure to enable the firewall to access multiple Authentication Profiles to authenticate a non-local account?

Which prevention technique will prevent attacks based on packet count?

Which interface type can use virtual routers and routing protocols?

Which URL profiling action does not generate a log entry when a user attempts to access that URL?