Paloalto Networks NetSec Analyst 시험

Question No : 1

You receive notification about new malware that is being used to attack hosts. The malware exploits a software bug in a common application
Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

• A.Data Filtering Profile applied to outbound Security policy rules
• B.Antivirus Profile applied to outbound Security policy rules
• C.Data Filtering Profile applied to inbound Security policy rules
• D.Vulnerability Profile applied to inbound Security policy rules

답을 확인하기

정답:

Question No : 2

Access to which feature requires the PAN-OS Filtering license?

• A.PAN-DB database
• B.DNS Security
• C.Custom URL categories
• D.URL external dynamic lists

답을 확인하기

정답:
Explanation:
Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/activate-licenses-andsubscriptions.html

Question No : 3

DRAG DROP
Match each feature to the DoS Protection Policy or the DoS Protection Profile.

답을 확인하기

정답:

Question No : 4

Which type of administrator account cannot be used to authenticate user traffic flowing through the firewall’s data plane?

• A.Kerberos user
• B.SAML user
• C.local database user
• D.local user

답을 확인하기

정답:

Question No : 5

The PowerBall Lottery has reached an unusually high value this week. Your company has decided to raise morale by allowing employees to access the PowerBall Lottery website (www.powerball.com) for just this week. However, the company does not want employees to access any other websites also listed in the URL filtering “gambling” category.
Which method allows the employees to access the PowerBall Lottery website but without unblocking access to the “gambling” URL category?

• A.Add just the URL www.powerball.com to a Security policy allow rule.
• B.Manually remove powerball.com from the gambling URL category.
• C.Add *.powerball.com to the URL Filtering allow list.
• D.Create a custom URL category, add *.powerball.com to it and allow it in the Security Profile.

답을 확인하기

정답:

Question No : 6

Which type of administrative role must you assign to a firewall administrator account, if the account must include a custom set of firewall permissions?

• A.SAML
• B.Multi-Factor Authentication
• C.Role-based
• D.Dynamic

답을 확인하기

정답:
Explanation:
Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-role-types.html

Question No : 7

All users from the internal zone must be allowed only Telnet access to a server in the DMZ zone.
Complete the two empty fields in the Security Policy rules that permits only this type of access.



Choose two.

• A.Service = "any"
• B.Application = "Telnet"
• C.Service -"application-default"
• D.Application = "any"

답을 확인하기

정답:

Question No : 8

Which action results in the firewall blocking network traffic with out notifying the sender?

• A.Drop
• B.Deny
• C.Reset Server
• D.Reset Client

답을 확인하기

정답:

Question No : 9

Based on the security policy rules shown, ssh will be allowed on which port?

• A.any port
• B.same port as ssl and snmpv3
• C.the default port
• D.only ephemeral ports

답을 확인하기

정답:

Question No : 10

Which two features can be used to tag a user name so that it is included in a dynamic user group? (Choose two)

• A.XML API
• B.log forwarding auto-tagging
• C.Global Protect agent
• D.User-ID Windows-based agent

답을 확인하기

정답:
Explanation:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/url-filtering/url-filtering-concepts/url-filtering-profile-actions

Question No : 11

The CFO found a malware infected USB drive in the parking lot, which when inserted infected their corporate laptop the malware contacted a known command-and-control server which exfiltrating corporate data.
Which Security profile feature could have been used to prevent the communications with the command-and-control server?

• A.Create a Data Filtering Profile and enable its DNS sinkhole feature.
• B.Create an Antivirus Profile and enable its DNS sinkhole feature.
• C.Create an Anti-Spyware Profile and enable its DNS sinkhole feature.
• D.Create a URL Filtering Profile and block the DNS sinkhole URL category.

답을 확인하기

정답:

Question No : 12

Four configuration choices are listed, and each could be used to block access to a specific URL.
If you configured each choices to block the sameURL then which choice would be the last to block access to the URL?

• A.EDL in URL Filtering Profile.
• B.Custom URL category in Security Policy rule.
• C.Custom URL category in URL Filtering Profile.
• D.PAN-DB URL category in URL Filtering Profile.

답을 확인하기

정답:
Explanation:
The precedence is from the top down; First Match Wins:
-1) Block list: Manually entered blocked URLs Objects
-2) Allow list: Manually entered allowed URLs Objects
-3) Custom URL Categories
-4) Cached Cached: URLs learned from External Dynamic Lists (EDLs)
-5) Pre-Defined Categories: PAN-DB or Bright cloud categories.

Question No : 13

Which definition describes the guiding principle of the zero-trust architecture?

• A.never trust, never connect
• B.always connect and verify
• C.never trust, always verify
• D.trust, but verity

답을 확인하기

정답:
Explanation:
Reference: https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture

Question No : 14

Which license must an administrator acquire prior to downloading Antivirus updates for use with the firewall?

• A.URL filtering
• B.Antivirus
• C.Wild Fire
• D.Threat Prevention

답을 확인하기

정답:

Question No : 15

You must configure which firewall feature to enable a data-plane interface to submit DNS queries on behalf of the control plane?

• A.Admin Role profile
• B.virtual router
• C.DNS proxy
• D.service route

답을 확인하기

정답: