NETSEC-ANALYST Exam Questions

An administrator is creating a NAT policy. Which combination of address and zone are used as match conditions? (Choose two.)

Which firewall feature do you need to configure to query Palo Alto Networks service updates over a data-plane interface instead of the management interface?

In order to fulfill the corporate requirement to backup the configuration of Panorama and the Panorama-managed firewalls securely, which protocol should you select when adding a ne...

All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone. Complete the empty field in the Security policy using an application object to permit...

An administrator wants to prevent users from unintentionally accessing malicious domains where data can be exfiltrated through established connections to remote systems. From the P...

An administrator would like to follow the best-practice approach to log the traffic that traverses the firewall. What action should they take?

Which two protocols are available on a Palo Alto Networks Firewall Interface Management Profile? (Choose two.)

A network administrator created an intrazone Security policy rule on the firewall. The source zones were set to IT. Finance, and HR. Which two types of traffic will the rule apply...

An administrator would like to override the default deny action for a given application, and instead would like to block the traffic. Which security policy action causes this?

Which syntax would match this?

What are two valid selections within an Anti-Spyware profile? (Choose two.)

Which Security policy set should be used to ensure that a policy is applied first?

An administrator is trying to implement an exception to an external dynamic list manually. Some entries are shown underlined in red. What would cause this error?

What can be achieved by disabling the Share Unused Address and Service Objects with Devices setting on Panorama?

Which Security profile can be used to detect and block compromised hosts from trying to communicate with external command-and-control (C2) servers?

An administrator is trying to enforce policy on some (but not all) of the entries in an external dynamic list. What is the maximum number of entries that they can be excluded?

A website is unexpectedly allowed due to miscategorization. What are two ways to resolve this issue for a proper response? (Choose two.)

If the firewall interface E1/1 is connected to a SPAN or mirror port, which interface type should E1/1 be configured as?

An administrator manages a network with 300 addresses that require translation. The administrator configured NAT with an address pool of 240 addresses and found that connections fr...

The NetSec Manager asked to create a new EMEA Regional Panorama Administrator profile with customized privileges. In particular, the new EMEA Regional Panorama Administrator should...

An administrator would like to reference the same address object in Security policies on 100 Panorama managed firewalls, across 10 devices groups and five templates. Which configur...

Which type of policy allows an administrator to both enforce rules and take action?

With the DNS Security subscription, when will the cloud-based signature database provide users access to newly added DNS signatures?

Why should a company have a File Blocking profile that is attached to a Security policy?

What can be used as match criteria for creating a dynamic address group?

In which threat profile object would you configure the DNS Security service?

An administrator would like to protect against inbound threats such as buffer overflows and illegal code execution. Which Security profile should be used?

An organization has some applications that are restricted for access by the Human Resources Department only, and other applications that are available for any known user in the org...

Which two configurations does an administrator need to compare in order to see differences between the active configuration and potential changes if committed? (Choose two.)

An administrator configured a Security policy rule where the matching condition includes a single application and the action is set to deny. What deny action will the firewall perf...

If users from the Trusted zone need to allow traffic to an SFTP server in the DMZ zone, how should a Security policy with App-ID be configured?

An administrator configured a Security policy rule with an Antivirus Security profile. The administrator did not change the action for the profile. If a virus gets detected, how wi...

An administrator needs to allow users to use only certain email applications. How should the administrator configure the firewall to restrict users to specific email applications?

DNS exceptions can be set under which Security profile?

An administrator is troubleshooting an issue with an accounts payable application. Which log setting could be temporarily configured to improve visibility?

By default, which action is assigned to the interzone-default rule?

What is the maximum volume of concurrent administrative account sessions?

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?

Where within the firewall GUI can all existing tags be viewed?

What is the Anti-Spyware Security profile default action?

To enable DNS sinkholing, which two addresses should be reserved? (Choose two.)

A NetSec manager was asked to create a new firewall administrator profile with customized privileges. The new firewall administrator must be able to download TSF File and Starts Du...

What must exist in order for the firewall to route traffic between Layer 3 interfaces?

Which path in PAN-OS 10.2 is used to schedule a content update to managed devices using Panorama?

In which threat profile object would you configure the DNS Security service?

Which rule type is appropriate for matching traffic occurring within a specified zone?

Which two matching criteria are used when creating a Security policy involving NAT? (Choose two.)

If a universal security rule was created for source zones A & B and destination zones A & B, to which traffic would the rule apply?

Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic?

What is a valid Security Zone type in PAN-OS?