nerdexam
Palo_Alto_Networks

NETSEC-GENERALIST · Question #29

Which action must a firewall administrator take to incorporate custom vulnerability signatures into current Security policies?

The correct answer is A. Create custom objects.. Custom vulnerability signatures must first be defined as custom threat objects within the firewall's object library (Objects > Custom Objects > Vulnerability). Once created, these custom objects can be referenced inside a Vulnerability Protection profile, which is then attached t

Threat Prevention

Question

Which action must a firewall administrator take to incorporate custom vulnerability signatures into current Security policies?

Options

  • ACreate custom objects.
  • BDownload WildFire updates.
  • CDownload threat updates.
  • DCreate custom policies.

How the community answered

(54 responses)
  • A
    93% (50)
  • B
    2% (1)
  • C
    4% (2)
  • D
    2% (1)

Explanation

Custom vulnerability signatures must first be defined as custom threat objects within the firewall's object library (Objects > Custom Objects > Vulnerability). Once created, these custom objects can be referenced inside a Vulnerability Protection profile, which is then attached to a Security policy rule. The workflow is: create the custom vulnerability object → add it to a Vulnerability Protection profile → apply that profile to a Security policy. Downloading WildFire or threat content updates only brings in Palo Alto-authored signatures, not administrator-defined ones. Creating a 'custom policy' alone does not make the signature available for matching-the object definition must exist first.

Topics

#Custom Signatures#Vulnerability Protection#Security Policy Configuration#PAN-OS Objects

Community Discussion

No community discussion yet for this question.

Full NETSEC-GENERALIST Practice