Palo Alto Networks Certified Network Security Administrator v1.0

Page:    1 / 26   
Exam contains 395 questions
Expand All

An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?

  • A. branch office traffic
  • B. north-south traffic
  • C. perimeter traffic
  • D. east-west traffic


Answer : D

Given the topology, which zone type should zone A and zone B to be configured with?

  • A. Layer3
  • B. Tap
  • C. Layer2
  • D. Virtual Wire


Answer : A

To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?

  • A. domain controller
  • B. TACACS+
  • C. LDAP
  • D. RADIUS


Answer : C

Which interface type is used to monitor traffic and cannot be used to perform traffic shaping?

  • A. Layer 2
  • B. Tap
  • C. Layer 3
  • D. Virtual Wire


Answer : B

Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?

  • A. Root
  • B. Dynamic
  • C. Role-based
  • D. Superuser


Answer : C

Which administrator type utilizes predefined roles for a local administrator account?

  • A. Superuser
  • B. Role-based
  • C. Dynamic
  • D. Device administrator


Answer : C

Reference:
https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-cli-quick-start/get-started-with-the-cli/give-administrators-access-to-the-cli/administrative- privileges?PageSpeed=noscript

Which two security profile types can be attached to a security policy? (Choose two.)

  • A. antivirus
  • B. DDoS protection
  • C. threat
  • D. vulnerability


Answer : AD

Reference:
https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/policy/security-profiles

The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

  • A. Create an anti-spyware profile and enable DNS Sinkhole
  • B. Create an antivirus profile and enable DNS Sinkhole
  • C. Create a URL filtering profile and block the DNS Sinkhole category
  • D. Create a security policy and enable DNS Sinkhole


Answer : A

Reference:
https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-web-interface-help/objects/objects-security-profiles-anti-spyware-profile

Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

  • A. Active Directory monitoring
  • B. Windows session monitoring
  • C. Windows client probing
  • D. domain controller monitoring


Answer : A

Which three statements describe the operation of Security policy rules and Security Profiles? (Choose three.)

  • A. Security policy rules are attached to Security Profiles.
  • B. Security Profiles are attached to Security policy rules.
  • C. Security Profiles should be used only on allowed traffic.
  • D. Security policy rules inspect but do not block traffic.
  • E. Security policy rules can block or allow traffic.


Answer : ABC

Given the image, which two options are true about the Security policy rules. (Choose two.)

  • A. The Allow-Office-Programs rule is using an Application Filter.
  • B. In the Allow-FTP policy, FTP is allowed using App-ID.
  • C. The Allow-Office-Programs rule is using an Application Group.
  • D. The Allow-Social-Media rule allows all of Facebookג€™s functions.


Answer : BC

Which type of Security policy rule would match traffic flowing between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

  • A. global
  • B. intrazone
  • C. interzone
  • D. universal


Answer : D

Reference:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClomCAC

Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?

  • A. GlobalProtect
  • B. AutoFocus
  • C. Aperture
  • D. Panorama


Answer : A

Which two statements are correct regarding multiple static default routes when they are configured as shown in the image? (Choose two.)

  • A. Path monitoring does not determine if route is useable.
  • B. Route with highest metric is actively used.
  • C. Path monitoring determines if route is useable.
  • D. Route with lowest metric is actively used.


Answer : CD

Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can run malicious code against a targeted machine.

  • A. Exploitation
  • B. Installation
  • C. Reconnaissance
  • D. Act on Objective


Answer : A

Page:    1 / 26   
Exam contains 395 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy