NETSEC-ANALYST Exam Questions
421 real NETSEC-ANALYST exam questions with expert-verified answers and explanations. Page 4 of 9.
- Question #156
Which two rule types allow the administrator to modify the destination zone? (Choose two.)
- Question #157
What is the main function of Policy Optimizer?
- Question #158
Based on the screenshot, what is the purpose of the group in User labelled "it"?
- Question #159
Assume that traffic matches a Security policy rule but the attached Security Profile is configured to block matching traffic. Which statement accurately describes how the firewall...
- Question #161
Which license is required to use the Palo Alto Networks built-in IP address EDLs?
- Question #162
Which statement is true about Panorama managed devices?
- Question #163
Which component is a building block in a Security policy rule?
- Question #164
You have been tasked to configure access to a new web server located in the DMZ. Based on the diagram what configuration changes are required in the NGFW virtual router to route tr...
- Question #165
An administrator would like to use App-ID's deny action for an application and would like that action updated with dynamic updates as new content becomes available. Which security...
- Question #166
Selecting the option to revert firewall changes will replace what settings?
- Question #167
An administrator has configured a Security policy where the matching condition includes a single application, and the action is deny. If the application's default deny action is re...
- Question #168
Which three types of authentication services can be used to authenticate user traffic flowing through the firewall's data plane? (Choose three.)
- Question #169
Given the screenshot, what two types of route is the administrator configuring? (Choose two.)
- Question #170
Which rule type is appropriate for matching traffic both within and between the source and destination zones?
- Question #171
An administrator would like to override the default deny action for a given application, and instead would like to block the traffic and send the ICMP code "communication with the...
- Question #172
You receive notification about new malware that infects hosts through malicious files transferred by FTP. Which Security profile detects and protects your internal networks from th...
- Question #173
An administrator wants to prevent access to media content websites that are risky. Which two URL categories should be combined in a custom URL category to accomplish this goal? (Ch...
- Question #174
Which dynamic update type includes updated anti-spyware signatures?
- Question #175
Which object would an administrator create to block access to all high-risk applications?
- Question #176
Which option is part of the content inspection process?
- Question #179
What must be considered with regard to content updates deployed from Panorama?
- Question #180
During the packet flow process, which two processes are performed in application identification? (Choose two.)
- Question #181
Refer to the exhibit. A web server in the DMZ is being mapped to a public address through DNAT. Which Security policy rule will allow traffic to flow to the web server?
- Question #182
What does an administrator use to validate whether a session is matching an expected NAT policy?
- Question #183
What is the purpose of the automated commit recovery feature?
- Question #184
According to the best practices for mission critical devices, what is the recommended interval for antivirus updates?
- Question #186
Which Security policy match condition would an administrator use to block traffic from IP addresses on the Palo Alto Networks EDL of Known Malicious IP Addresses list?
- Question #187
URL categories can be used as match criteria on which two policy types? (Choose two.)
- Question #188
Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)
- Question #189
Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, wher...
- Question #190
Which type of profile must be applied to the Security policy rule to protect against buffer overflows, illegal code execution, and other attempts to exploit system flaws?
- Question #191
Starting with PAN-OS version 9.1, application dependency information is now reported in which two locations? (Choose two.)
- Question #192
What action will inform end users when their access to Internet content is being restricted?
- Question #193
What is a recommended consideration when deploying content updates to the firewall from Panorama?
- Question #194
Which information is included in device state other than the local configuration?
- Question #195
Based on the graphic, what is the purpose of the SSL/TLS Service profile configuration option?
- Question #196
An administrator is troubleshooting an issue with traffic that matches the intrazone-default rule, which is set to default configuration. What should the administrator do?
- Question #197
When is the content inspection performed in the packet flow process?
- Question #198
During the App-ID update process, what should you click on to confirm whether an existing policy rule is affected by an App-ID update?
- Question #199
When creating a custom URL category object, which is a valid type?
- Question #200
When HTTPS for management and GlobalProtect are enabled on the same interface, which TCP port is used for management access?
- Question #201
What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)
- Question #202
Which DNS Query action is recommended for traffic that is allowed by Security policy and matches Palo Alto Networks Content DNS Signatures?
- Question #203
Which stage of the cyber-attack lifecycle makes it important to provide ongoing education to users on spear phishing links, unknown emails, and risky websites?
- Question #204
What are three factors that can be used in domain generation algorithms? (Choose three.)
- Question #205
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
- Question #206
If using group mapping with Active Directory Universal Groups, what must you do when configuring the User-ID?
- Question #207
Which administrative management services can be configured to access a management interface?
- Question #208
Which feature would be useful for preventing traffic from hosting providers that place few restrictions on content, whose services are frequently used by attackers to distribute il...
- Question #209
Which attribute can a dynamic address group use as a filtering condition to determine its membership?