NETSEC-ANALYST Exam Questions

An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this re...

Which solution is a viable option to capture user identification when Active Directory is not in use?

You receive notification about a new malware that infects hosts. An infection results in the infected host attempting to contact a command-and-control server. Which Security Profil...

Which built-in IP address EDL would be useful for preventing traffic from IP addresses that are verified as unsafe based on WildFire analysis Unit 42 research and data gathered fro...

The compliance officer requests that all evasive applications need to be blocked on all perimeter firewalls out to the internet. The firewall is configured with two zones: 1. trust...

What must be configured before setting up Credential Phishing Prevention?

What allows a security administrator to preview the Security policy rules that match new application signatures?

Which statement best describes a common use of Policy Optimizer?

An address object of type IP Wildcard Mask can be referenced in which part of the configuration?

An administrator would like to determine the default deny action for the application dns-over- https. Which action would yield the information?

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone. The administrator doe...

What are three valid ways to map an IP address to a username? (Choose three.)

Which object would an administrator create to enable access to all applications in the office- programs subcategory?

An administrator would like to create a URL Filtering log entry when users browse to any gambling website. What combination of Security policy and Security profile actions is corre...

Which statement is true regarding NAT rules?

After making multiple changes to the candidate configuration of a firewall, the administrator would like to start over with a candidate configuration that matches the running confi...

An administrator is reviewing the Security policy rules shown in the screenshot below. Which statement is correct about the information displayed?

What are the two default behaviors for the intrazone-default policy? (Choose two.)

What are two valid selections within an Antivirus profile? (Choose two.)

An administrator wants to create a NAT policy to allow multiple source IP addresses to be translated to the same public IP address. What is the most appropriate NAT policy to achie...

Which action can be set in a URL Filtering Security profile to provide users temporary access to all websites in a given category using a provided password?

What is a function of application tags?

What are three Palo Alto Networks best practices when implementing the DNS Security Service? (Choose three.)

An administrator is investigating a log entry for a session that is allowed and has the end reason of aged-out. Which two fields could help in determining if this is normal? (Choos...

What does an application filter help you to do?

Prior to a maintenance-window activity, the administrator would like to make a backup of only the running configuration to an external location. What command in Device > Setup > Op...

Your company is highly concerned with their Intellectual property being accessed by unauthorized resources. There is a mature process to store and include metadata tags for all con...

An administrator wants to create a No-NAT rule to exempt a flow from the default NAT rule. What is the best way to do this?

When creating a Panorama administrator type of Device Group and Template Admin, which two things must you create first? (Choose two.)

An administrator is troubleshooting traffic that should match the interzone-default rule. However, the administrator doesn't see this traffic in the traffic logs on the firewall. T...

An administrator is configuring a NAT rule. At a minimum, which three forms of information are required? (Choose three.)

What are three characteristics of the Palo Alto Networks DNS Security service? (Choose three.)

What are the requirements for using Palo Alto Networks EDL Hosting Sen/ice?

An administrator would like to block access to a web server, while also preserving resources and minimizing half-open sockets. What are two security policy actions the administrato...

An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or...

A network administrator is required to use a dynamic routing protocol for network connectivity. Which three dynamic routing protocols are supported by the NGFW Virtual Router for t...

Which log type would be used to find commit entries for a firewall?

To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?

Which three filter columns are available when setting up an Application Filter? (Choose three.)

A coworker found a USB labeled "confidential in the parking lot. They inserted the drive and it infected their corporate laptop with unknown malware The malware caused the laptop t...

According to best practices, how frequently should WildFire updates he made to perimeter firewalls?

What are the three DNS Security categories available to control DNS traffic? (Choose three.)

What are three valid information sources that can be used when tagging users to dynamic user groups? (Choose three.)

When an ethernet interface is configured with an IPv4 address, which type of zone is it a member of?

How is an address object of type IP range correctly defined?

What do you configure if you want to set up a group of objects based on their ports alone?

What are two valid selections within a Vulnerability Protection profile? (Choose two.)

When creating an Admin Role profile, if no changes are made, which two administrative methods will you have full access to? (Choose two.)

Which list of actions properly defines the order of steps needed to add a local database user account and create a new group to which this user will be assigned?

An administrator wants to prevent hacking attacks through DNS queries to malicious domains. Which two DNS policy actions can the administrator choose in the Anti-Spyware Security P...