Palo Alto Networks Certified Network Security Professional v1.0

Page:    1 / 4   
Exam contains 60 questions
Expand All

Which two features can a network administrator use to troubleshoot the issue of a Prisma Access mobile user who is unable to access SaaS applications? (Choose two.)

  • A. Autonomous Digital Experience Manager (ADEM) console
  • B. Capacity Analyzer
  • C. Global Protect logs
  • D. SaaS Application Risk Portal


Answer : AC

Which file type does Advanced WildFire support for inline analysis to detect advanced malware?

  • A. PE
  • B. APK
  • C. PDF
  • D. JAR


Answer : C

An administrator wants to implement additional Cloud-Delivered Security Services (CDSS) on a data center NGFW that already has one enabled.
What benefit does the NGFWs single-pass parallel processing (SP3) architecture provide?

  • A. It allows for traffic inspection at the application level.
  • B. There will be only a minor reduction in performance.
  • C. There will be no additional performance degradation.
  • D. It allows additional security inspection devices to be added inline.


Answer : C

What is the recommended upgrade path from PAN-OS 9.1 to PAN-OS 11.2?

  • A. 9.1 --> 11.2
  • B. 9.1 --> 11.0 --> 11.2
  • C. 9.1 --> 10.0 --> 11.0 --> 11.2
  • D. 9.1 --> 10.0 --> 11.0 --> 11.1 --> 11.2


Answer : C

By default, how often are signatures updated for firewalls with Advanced WildFire?

  • A. In real time
  • B. Within 5-10 minutes
  • C. Within 24-48 hours
  • D. Once a week


Answer : B

Which functionality does an NGFW use to determine whether new session setups are legitimate or illegitimate?

  • A. SYN bit
  • B. SYN flood protection
  • C. SYN cookies
  • D. Random Early Detection (RED)


Answer : C

Which set of attributes is used by IoT Security to identify and classify appliances on a network when determining Device-ID?

  • A. IP address, network traffic patterns, device type
  • B. MAC address, device manufacturer, operating system
  • C. Hostname, application usage, encryption method
  • D. Device model, firmware version, user credential


Answer : B

How does a firewall behave when SSL Inbound Inspection is enabled?

  • A. It decrypts inbound and outbound SSH connections.
  • B. It acts as meddler-in-the-middle between the client and the internal server.
  • C. It acts transparently between the client and the internal server.
  • D. It decrypts traffic between the client and the external server.


Answer : B

In a service provider environment, what key advantage does implementing virtual systems provide for managing multiple customer environments?

  • A. Shared threat prevention policies across all tenants
  • B. Centralized authentication for all customer domains
  • C. Unified logging across all virtual systems
  • D. Logical separation of control and Security policy


Answer : D

What are two indications that a packet has been processed into a fast path session? (Choose two.)

  • A. Content and application inspection is recognized.
  • B. Initial forwarding look is using a FIB.
  • C. Previous packets of the same session have been identified.
  • D. Security policy lookup is initiated.


Answer : BC

Which two content updates can be pushed to NGFWs from Panorama? (Choose two.)

  • A. WildFire
  • B. Applications and threats
  • C. Advanced URL Filtering
  • D. GlobalProtect data file


Answer : BC

An administrator is responsible for updating which component of Prisma Access?

  • A. Management plane
  • B. Content updates
  • C. Data plane
  • D. VPN client


Answer : D

A Prisma Access administrator wants to attach the same set of Security policies to each new rule created.
How can the administrator automate the profiles to be attached to new rules?

  • A. Create profiles for each CDSS and name them "default."
  • B. Create a security profile group and name it "default."
  • C. Use AIOps to automate the security profile group attachment.
  • D. Use Policy Analyzer after creating the new rules.


Answer : B

Which two components of a Security policy, when configured, allow third-party contractors access to internal applications outside business hours? (Choose two.)

  • A. User-ID
  • B. Service
  • C. Schedule
  • D. App-ID


Answer : AC

Which two features are supported when using traffic steering rules for remote network deployment on Prisma Access? (Choose two.)

  • A. Bidirectional Forwarding Detection (BFD)
  • B. External dynamic list
  • C. Remote desktop protocol (RDP)
  • D. Dynamic Address Group


Answer : BD

Page:    1 / 4   
Exam contains 60 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy