Which operation will impact the performance of the management plane?
A. Decrypting SSL sessions
B. Generating a SaaS Application report
C. Enabling DoS protection
D. Enabling packet buffer protection
You are auditing the work of a co-worker and need to verify that they have matched the Palo Alto Networks Best Practices for Anti-Spyware Profiles. For which three severity levels should single-packet captures be enabled to meet the Best Practice standard? (Choose three.)
A. Low
B. High
C. Critical
D. Informational
E. Medium
Explanation: The Palo Alto Networks Best Practices for Anti-Spyware Profiles recommend enabling single-packet captures (PCAP) for medium, high, and critical severity threats. This allows for capturing the first packet of the malicious traffic for further analysis and investigation. PCAP should not be enabled for low and informational severity threats, as they generate a relatively high volume of traffic and are not particularly useful compared to potential threats.
An administrator plans to install the Windows-Based User-ID Agent. What type of Active Directory (AD) service account should the administrator use?
A. Dedicated Service Account
B. System Account
C. Domain Administrator
D. Enterprise Administrator
A firewall engineer at a company is researching the Device Telemetry feature of PAN-OS. Which two aspects of the feature require further action for the company to remain compliant with local laws regarding privacy and data storage? (Choose two.)
A. Telemetry feature is automatically enabled during PAN-OS installation.
B. Telemetry data is uploaded into Strata Logging Service.
C. Telemetry feature is using Traffic logs and packet captures to collect data.
D. Telemetry data is shared in real time with Palo Alto Networks.
Explanation: To address the question about the Device Telemetry feature in PAN-OS
and its compliance with privacy and data storage laws, let’s examine the details thoroughly.
Understanding Device Telemetry in PAN-OS
Device Telemetry is a feature in Palo Alto Networks’ PAN-OS that collects data from the
firewall to provide insights for:
An organization has recently migrated its infrastructure and configuration to NGFWs, for which Panorama manages the devices. The organization is coming from a L2-L4 firewall vendor, but wants to use App-ID while identifying policies that are no longer needed. Which Panorama tool can provide a solution?
A. Application Groups
B. Policy Optimizer
C. Test Policy Match
D. Config Audit
The server team is concerned about the high volume of logs forwarded to their syslog server, it is determined that DNS is generating the most logs per second. The risk and compliance team requests that any Traffic logs indicating port abuse of port 53 must still be forwarded to syslog. All other DNS. Traffic logs can be exclude from syslog forwarding. How should syslog log forwarding be configured?
A. With (port,dst neq 53)’ Traffic log filter Object > Log Forwarding.
B. With ‘(port dst neq 53)’ Traffic log filter inside Device > log Settings.
C. With ‘(app neq dns-base)’’ Traffic log filter inside Device> Log Settings.
D. With ‘(app neq dns-base)’’ Traffic log filter inside Objects> Log Forwarding
Which protocol is natively supported by GlobalProtect Clientless VPN?
A. HTP
B. SSH
C. HTTPS
D. RDP
An internal audit team has requested additional information to be included inside traffic logs forwarded from Palo Alto Networks firewalls to an interal syslog server. Where can the firewall engineer define the data to be added into each forwarded log?
A. Data Patterns within Objects > Custom Objects
B. Custom Log Format within Device Server Profiles> Syslog
C. Built-in Actions within Objects > Log Forwarding Profile
D. Logging and Reporting Settings within Device > Setup > Management
| Page 13 out of 41 Pages |
| Palo Alto PCNSE Practice Test Home | Previous |
Contact Us - Privacy Policy ... Copyright © - All Rights Reserved