Palo Alto Networks
NetSec-Analyst
Q1:
In a File Blocking profile, which two actions should be taken to allow file types that support critical apps? (Choose two.)
☐
A
Clone and edit the Strict profile.☐
B
Use URL filtering to limit categories in which users can transfer files.☐
C
Set the action to Continue.☐
D
Edit the Strict profile.
Palo Alto Networks
NetSec-Analyst
Q2:
What do you configure if you want to set up a group of objects based on their ports alone?
○
A
Application groups○
B
Service groups○
C
Address groups○
D
Custom objects
Palo Alto Networks
NetSec-Analyst
Q3:
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
○
A
DoS protection○
B
URL filtering○
C
packet buffering○
D
anti-spyware
Palo Alto Networks
NetSec-Analyst
Q4:
Where in the PAN-OS GUI can an administrator monitor the rule usage for a specified period of time?
○
A
Objects > Schedules○
B
Policies > Policy Optimizer○
C
Monitor > Packet Capture○
D
Monitor > Reports
Palo Alto Networks
NetSec-Analyst
Q5:
If using group mapping with Active Directory Universal Groups, what must you do when configuring the User-ID?
○
A
Create an LDAP Server profile to connect to the root domain of the Global Catalog server on port 3268 or 3269 for SSL○
B
Configure a frequency schedule to clear group mapping cache○
C
Configure a Primary Employee ID number for user-based Security policies○
D
Create a RADIUS Server profile to connect to the domain controllers using LDAPS on port 636 or 389