Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Paloalto Networks > Network Security Administrator > NetSec-Pro

NetSec-Pro Palo Alto Networks Network Security Professional Question and Answers

Question # 4

Where is the menu to configure quarantined devices in SCM?

A.

Quarantine Devices

B.

Quarantined Device List

C.

Security Events

D.

Device Groups

Full Access
Question # 5

What must be configured to successfully onboard a Prisma Access remote network using Strata Cloud Manager (SCM)?

A.

Cloud Identity Engine

B.

Autonomous Digital Experience Manager (ADEM)

C.

GlobalProtect agent

D.

IPSec termination node

Full Access
Question # 6

In a Prisma SD-WAN environment experiencing voice quality degradation, which initial action is recommended?

A.

Immediately modify path quality thresholds.

B.

Review real-time analytics of path performance.

C.

Switch all VoIP traffic to backup paths.

D.

Request an RMA of the ION devices.

Full Access
Question # 7

When a firewall registers to Panorama via ZTP, what pre-configurations are required on Panorama before the firewall powers on?

A.

Register the firewall on Panorama with serial number and claim key

B.

Confirm the firewall is properly registered in CSP

C.

Configure Template, Template Stack, Device Group, and interfaces

D.

Disable Panorama authentication profiles

Full Access
Question # 8

What configurations are supported for Traffic Steering of Remote Network in Prisma Access?

A.

EDL

B.

DAG, Dynamic Address Group

C.

BGP AS Path prepend only

D.

Static NAT policy only

Full Access
Question # 9

Which two types of logs must be forwarded to Strata Logging Service for IoT Security to function? (Choose two.)

A.

WildFire

B.

Enhanced application

C.

Threat

D.

URL Filtering

Full Access
Question # 10

How are policies evaluated in the AWS management console when creating a Security policy for a Cloud NGFW?

A.

The administrator sets a rule order to determine the order in which they are evaluated.

B.

They can be dragged up or down the stack as they are evaluated.

C.

The administrator sets a rule priority to determine the order in which they are evaluated.

D.

They must be created in the order they are intended to be evaluated.

Full Access
Question # 11

Which feature of SaaS Security will allow a firewall administrator to identify unknown SaaS applications in an environment?

A.

App-ID Cloud Engine

B.

App-ID

C.

SaaS Data Security

D.

Cloud Identity Engine

Full Access
Question # 12

In a distributed enterprise implementing Prisma SD-WAN, which configuration element should be implemented first to ensure optimal traffic flow between remote sites and headquarters?

A.

Deploy redundant ION devices at each location.

B.

Implement dynamic path selection using real-time performance metrics.

C.

Configure static routes between all the branch offices.

D.

Enable split tunneling for all branch locations.

Full Access
Question # 13

Which two components of a Security policy, when configured, allow third-party contractors access to internal applications outside business hours? (Choose two.)

A.

App-ID

B.

Service

C.

User-ID

D.

Schedule

Full Access
Question # 14

Which two security services are required for configuration of NGFW Security policies to protect against malicious and misconfigured domains? (Choose two.)

A.

Advanced Threat Prevention

B.

SaaS Security

C.

Advanced WildFire

D.

Advanced DNS Security

Full Access
Question # 15

Which two tools can be used to configure Cloud NGFWs for AWS? (Choose two.)

A.

Cortex XSIAM

B.

Prisma Cloud management console

C.

Panorama

D.

Cloud service provider's management console

Full Access
Question # 16

What is the recommended upgrade path from PAN-OS 9.1 to PAN-OS 11.2?

A.

9.1 → 11.0 → 11.2

B.

9.1 → 10.0 → 11.

C.

9.1 → 11.

D.

9.1 → 10.0 → 11.2

Full Access
Question # 17

Which two compliance standards are supported by SCM compliance reports?

A.

PCI-DSS

B.

NIST

C.

CIS

D.

GDPR

Full Access
Question # 18

Which two features can a network administrator use to troubleshoot the issue of a Prisma Access mobile user who is unable to access SaaS applications? (Choose two.)

A.

SaaS Application Risk Portal

B.

Capacity Analyzer

C.

GlobalProtect logs

D.

Autonomous Digital Experience Manager (ADEM) console

Full Access
Question # 19

In a service provider environment, what key advantage does implementing virtual systems provide for managing multiple customer environments?

A.

Shared threat prevention policies across all tenants

B.

Centralized authentication for all customer domains

C.

Unified logging across all virtual systems

D.

Logical separation of control and Security policy

Full Access
Question # 20

Which security profile provides real-time protection against threat actors who exploit the misconfigurations of DNS infrastructure and redirect traffic to malicious domains?

A.

Antivirus

B.

URL Filtering

C.

Vulnerability Protection

D.

Anti-spyware

Full Access
Question # 21

Which procedure is most effective for maintaining continuity and security during a Prisma Access data plane software upgrade?

A.

Back up configurations, schedule upgrades during off-peak hours, and use a phased approach rather than attempting a network-wide rollout.

B.

Use Strata Cloud Manager (SCM) to perform dynamic upgrades automatically and simultaneously across all locations at once to ensure network-wide uniformity.

C.

Disable all security features during the upgrade to prevent conflicts and re-enable them after completion to ensure a smooth rollout process.

D.

Perform the upgrade during peak business hours, quickly address any user-reported issues, and ensure immediate troubleshooting post-rollout.

Full Access