Palo Alto Networks NetSec-Analyst - Palo Alto Networks Certified Network Security Analyst Exam

Question #1 (Topic: Exam A)
A security administrator is creating an internet of things (IoT) Security policy and needs to select behaviors for the traffic.
Which characteristic has the greatest impact on the risk level of applications?
A. Used by Malware
B. Pervasive
C. Tunnels Other Apps
D. Known Vulnerabilities
Answer: A
Question #2 (Topic: Exam A)
DNS rewrite can only be configured on a NAT rule with which type of destination address translation?
A. Dynamic IP and Port (DIPP)
B. Dynamic IP (with session distribution)
C. Static IP
D. Dynamic IP
Answer: C
Question #3 (Topic: Exam A)
Based on the image below, what is a risk associated with this configuration?
A. Min Version setting of TLSv1.3 can cause compatibility issues with legacy applications or clients.
B. Authentication algorithm selections can significantly increase resource consumption and cause performance degradation.
C. Encryption algorithms 3DES and RC4 being disabled decreases security posture.
D. Max Version setting of "Max" enables the use of Perfect Forward Secrecy (PFS) and cannot be decrypted.
Answer: A
Question #4 (Topic: Exam A)
Which action ensures that sensitive information such as medical records, financial transactions, and legal communications is not decrypted and that it maintains strong security?
A. Create a log forwarding filter to exclude sensitive information.
B. Disable decryption globally to avoid exposing sensitive data.
C. Create an SSL Inbound Inspection policy to identify users sending sensitive information.
D. Create a no-decrypt policy for traffic matching specific URL categories.
Answer: D
Question #5 (Topic: Exam A)
An alert indicates that multiple internal endpoints are communicating with a known malicious IP address, and the analyst needs to identify the scope of this activity by using Log Viewer.
What is the first step in identifying which internal hosts have communicated with the malicious IP address and determining the extent of the communication?
A. Filter the traffic logs by the known endpoint IP addresses.
B. Filter the traffic logs by the DNS Server's IP address.
C. Filter the traffic logs by the NGFW's IP addresses.
D. Filter the traffic logs by the malicious IP address.
Answer: D
Total 50 questions