option
Cuestiones
ayuda
daypo
buscar.php
TEST BORRADO, QUIZÁS LE INTERESE: Pcnsa6
COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del Test:
Pcnsa6

Descripción:
Preguntas 301-360

Autor:
Roman
OTROS TESTS DEL AUTOR


Fecha de Creación:
28/11/2023

Categoría: Informática

Número Preguntas: 60
COMPARTE EL TEST
COMENTARNuevo Comentario
No hay ningún comentario sobre este test.
Temario:
Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic? Tap Virtual wire Layer 2 Layer3.
What is a valid Security Zone type in PAN-OS? Management Logical Transparent Tap.
An administrator is creating a Security policy rule and sees that the destination zone is grayed out. While creating the rule, which option was selected to cause this? Interzone Source Zone Universal (default) Intrazone.
How many levels can there be in a device-group hierarchy, below the shared level? 2 3 4 5.
Where in Panorama would Zone Protection profiles be configured? Template Device Groups Shared Panorama Tab.
Which parameter is used to view the Security policy rulebase as groups? Tag Service Type Action.
When a security rule is configured as Intrazone, which field cannot be changed? Destination zone Actions Source Zone Apllication.
An administrator is trying to understand which NAT policy is being matched. In what order does the firewall evaluate NAT policies? Dynamic IP and Port first, then Static, and finally Dynamic IP From top to bottom Static NAT rules first, then lop down Static NAT rules first, then Dynamic.
Which policy set should be used to ensure that a policy is applied just before the default security rules? Shared post-rulebase Local firewall policy Parent device-group post-rulebase Child device-group post-rulebase.
Which rule type is appropriate for matching traffic occurring within a specified zone? How should the administrator configure the firewall to restrict users to specific email applications? Create an application filter and filter it on the collaboration category. Create an application filter and filter it on the collaboration category, email subcategory. Create an application group and add the email applications to it. Create an application group and add the email category to it.
Review the screenshot below. Based on the information it contains, which protocol decoder will detect a machine-learning match, create a Threat log entry, and permit the traffic? smb imap ftp http2.
An interface can belong to how many Security Zones? 1 2 3 4.
What are the two types of Administrator accounts? (Choose two.) Role based Superuser Dynamic Local.
The Net Sec Manager asked to create a new Firewall Operator profile with customized privileges. In particular, the new firewall operator should be able to: Check the configuration with read-only privilege for LDAP, RADIUS, TACACS+, and SAML as Server profiles to be used inside an Authentication profile. The firewall operator should not be able to access anything else. What is the right path m order to configure the new firewall Administrator Profile? Device > Admin Roles > Add > Web UI > Device > Server Profiles Device > Admin Roles > Add > Web UI > disable access to everything else Device > Admin Roles > Add > Web UI > Objects > Server Profiles Device > Admin Roles > Add > Web UI > disable access to everything else Device > Admin Roles > Add >Web UI > Objects > Authentication Profile Device > Admin Roles > Add > Web UI > disable access to everything else Device > Admin Roles > Add > Web UI > Device > Authentication Profile Device > Admin Roles > Add > Web UI > disable access to everything else.
Question #315Topic 1 Within the WildFire Analysis profile, which three items are configurable? (Choose three.) File type Direction Service Application Objects.
Which Security profile can be used to configure sinkhole IPs m the DNS Sinkhole settings? Vulnerability Protection Anti-spyware Antivirus URL FilterinG.
Which three management interface settings must be configured for functional dynamic updates and administrative access on a Palo Alto Networks firewall? (Choose three.) NTP IP address MTU DNS server Service Routes.
How does the Policy Optimizer policy view differ from the Security policy view? It provides sorting options that do not affect rule order It specifies applications seen by rules It displays rule utilization It details associated zones.
An administrator creates a new Security policy rule to allow DNS traffic from the LAN to the DMZ zones. The administrator does not change the rule type from its default value. What type of Security policy rule is created? Intrazone Interzone Universal Tagged.
What do application filters help provide access to? Applications that are explicitly sanctioned for use within a company Applications that are not explicitly sanctioned and that a company wants users to be able to access Applications that are explicitly unsanctioned for use within a company Applications that are not explicitly unsanctioned and that a company wants users to be able to access.
What is the function of an application group object? It contains applications that you want to treat similarly in policy It groups applications dynamically based on application attributes that you define It represents specific ports and protocols for an application It identifies the purpose of a rule or configuration object and helps you better organize your rulebase.
How would a Security policy need to be written to allow outbound traffic using Secure Shell (SSH) to destination ports tcp/22 and tcp/4422? The admin creates a custom service object named "tcp-4422" with port tcp/4422. The admin then creates a Security policy allowing application "ssh" and service "tcp-4422". The admin creates a custom service object named "tcp-4422" with port tcp/4422. The admin then creates a Security policy allowing application "ssh", service "tcp-4422", and service "application-default". The admin creates a custom service object named "tcp-4422" with port tcp/4422. The admin also creates a custom service object named "tcp-22" with port tcp/22. The admin then creates a Security policy allowing application "ssh", service "tcp-4422", and service "tcp-22". The admin creates a Security policy allowing application "ssh" and service "application-default".
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains? DNS Malicious signatures DNS Security signatures DNS Malware signatures DNS Block signatures.
Which Security policy action will message a user's browser that their web session has been terminated? reset client Deny Drop Reset server.
In order to protect users against exploit kits that exploit a vulnerability and then automatically download malicious payloads, which Security profile should be configured? Anti-Spyware WildFire Vulnerability Protection Antivirus.
Which verdict may be assigned to a WildFire sample? Phising Spyware PUP Malware.
To protect against illegal code execution, which Security profile should be applied? Antivirus profile on allowed traffic Antivirus profile on denied traffic Vulnerability Protection profile on allowed traffic Vulnerability Protection profile on denied traffic.
Which three types of entries can be excluded from an external dynamic list? (Choose three.) IP addresses Applications User-id Domains URL.
The Administrator profile “PCNSA Admin” is configured with an Authentication profile “Authentication Sequence PCNSA”. The Authentication Sequence PCNSA has a profile list with four Authentication profiles: Auth Profile LDAP - Auth Profile Radius - Auth Profile Local - Auth Profile TACACS - After a network outage, the LDAP server is no longer reachable. The RADIUS server is still reachable but has lost the “PCNSA Admin” username and password. Which option describes the “PCNSA Admin” login capabilities after the outage? Auth OK because of the Auth Profile TACACS Auth KO because RADIUS server lost user and password for PCNSA Admin Auth OK because of the Auth Profile Local Auth KO because LDAP server is not reachable.
By default, which action is assigned to the intrazone-default rule? Reset-client Reset-server Deny Allow.
A Panorama administrator would like to create an address object for the DNS server located in the New York City office, but does not want this object added to the other Panorama managed firewalls. Which configuration action should the administrator take when creating the address object? Tag the address object with the New York Office tag. Ensure that Disable Override is cleared. Ensure that the Shared option is checked. Ensure that the Shared option is cleared.
An administrator is troubleshooting an issue with traffic that matches the interzone-default rule, which is set to default configuration. What should the administrator do? Change the logging action on the rule Tune your Traffic Log filter to include the dates Refresh the Traffic Log Review the System Log.
What is the default action for the SYN Flood option within the DoS Protection profile? Reset-client Alert Sinkhole Random Early Drop.
Application groups enable access to what? Applications that are explicitly unsanctioned for use within a company Applications that are not explicitly unsanctioned and that an administrator wants users to be able to access Applications that are explicitly sanctioned for use within a company Applications that are not explicitly sanctioned and that an administrator wants users to be able to access.
Where does a user assign a tag group to a policy rule in the policy creation window? General tab Usage tab Application tab Actions tab.
What is used to monitor Security policy applications and usage? Security profile App-id Policy-based forwarding Policy Optimizer.
What is considered best practice with regards to committing configuration changes? Wait until all running and pending jobs are finished before committing. Export configuration after each single configuration change performed. Validate configuration changes prior to committing. Disable the automatic commit feature that prioritizes content database installations before committing.
Which Security profile generates an alert based on a threshold when the action is set to Alert? Vulnerability Protection Antiviurs Dos protection Anti-spyware.
Given the network diagram, which two statements are true about traffic between the User and Server networks? (Choose two.) Traffic is permitted through the default Intrazone “allow” rule. Traffic restrictions are not possible because the networks are in the same zone. Traffic is permitted through the default Interzone “allow” rule. Traffic restrictions are possible by modifying Intrazone rules.
Which setting is available to edit when a tag is created on the local firewall? Color Location Order Priority.
With the PAN-OS 11.0 Nova release, which two attack options can new inline deep learning analysis engines detect and prevent? (Choose two.) Command injection attacks SSL attacks SQL injection attacks HTTP attacks.
Which profile must be applied to the Security policy rule to block spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers? Anti-spyware File blocking WildFire URL filtering.
Which feature dynamically analyzes and detects malicious content by evaluating various web page details using a series of machine learning (ML) models? Antivirus Inline ML URL Filtering Inline ML Anti-Spyware Inline ML WildFire Inline ML.
An administrator is troubleshooting an issue with Office365 and expects that this traffic traverses the firewall. When reviewing Traffic Log entries, there are no logs matching traffic from the test workstation. What might cause this issue? Office365 traffic is logged in the System Log. Office365 traffic is logged in the Authentication Log. Traffic matches the interzone-default rule, which does not log traffic by default. The firewall is blocking the traffic, and all blocked traffic is in the Threat Log.
When creating an address object, which option is available to select from the Type drop-down menu? IPv6 Address IP Netmask IPv4 Address IP Address Class.
Ethernet 2/1 has an IP Address of 10.0 1 2 in Zone ‘trust’ (LAN). If both interfaces are connected to the same virtual router, which IP address information will an administrator need to enter in the Destination field to access the internet? 0.0.0.0 10.0.2.1/32 10.0.1.254/32 0.0.0.0/0.
Where within the URL Filtering security profile must a user configure the action to prevent credential submissions? URL Filtering > Categories URL Filtering > URL Filtering Settings URL Filtering > Inline Categorization URL Filtering > HTTP Header Insertion.
Which Security profile must be added to Security policies to enable DNS Signatures to be checked? URL Filtering Vulnerability Protection Anty-spyware Antivirus.
Which two Security profile actions can only be applied to DoS Protection profiles? (Choose two.) Reset-server Reset-both SYN cookies Random Early Drop.
Where can you apply URL Filtering policy in a Security policy rule? Within the applications selection Within a destination address Within a service type Within the actions tab.
Which interface types are assigned to IEEE 802.1Q VLANs? Tunnel interfaces Layer 2 subinterfaces Layer 3 subinterfaces Loopback interfaces.
Which three factors can be used to create malware based on domain generation algorithms? (Choose three.) Time of day URL custom categories Other unique values Cryptographic keys IP address.
Which action column is available to edit in the Action tab of an Antivirus security profile? Virus Signature Spyware Trojan.
Given the detailed log information above, what was the result of the firewall traffic inspection? It denied the category DNS phishing. It denied the traffic because of unauthorized attempts. It was blocked by the Anti-Virus Security profile action. It was blocked by the Anti-Spyware Profile action.
When configuring a security policy, what is a best practice for User-ID? Use only one method for mapping IP addresses to usernames. Allow the User-ID agent in zones where agents are not monitoring services. Limit User-ID to users registered in an Active Directory server. Deny WMI traffic from the User-ID agent to any external zone.
What are three DNS policy actions? (Choose three.) Block Allow Strict Sinkhole Alert.
Which System log severity level would be displayed as a result of a user password change? Low Medium High Critical.
An administrator would like to block traffic to all high risk audio streaming applications, including new App-IDs introduced with content updates. Which filter should the administrator configure in the application filter object? The category is media, and the characteristic includes Evasive. The subcategory is audio-streaming, and the risk is 1. The subcategory is audio-streaming, and the risk is 5. The category is media, and the tag is high risk.
An administrator receives a notification about new malware that is being used to attack hosts. The malware exploits a software bug in a common application. Which Security Profile will detect and block access to this threat after the administrator updates the firewall's threat signature database? Vulnerability Profile applied to inbound Security policy rules Antivirus Profile applied to outbound Security policy rules Data Filtering Profile applied to outbound Security policy rules Data Filtering Profile applied to inbound Security policy rules.
The NetSec Manager asked to create a new firewall Local Administrator profile with customized privileges named New_Admin. This new administrator has to authenticate without inserting any username or password to access the WebUI. What steps should the administrator follow to create the New_Admin Administrator profile? 1. Set the Authentication profile to Local. 2. Select the "Use only client certificate authentication" check box. 3. Set Role to Role Based. 1. Select the "Use only client certificate authentication" check box. 2. Set Role to Dynamic. 3. Issue to the Client a Certificate with Certificate Name = New Admin 1. Select the "Use only client certificate authentication" check box. 2. Set Role to Dynamic. 3. Issue to the Client a Certificate with Common Name = New_Admin 1. Select the "Use only client certificate authentication" check box. 2. Set Role to Role Based. 3. Issue to the Client a Certificate with Common Name = New Admin.
Denunciar Test