Palo Alto Networks Network Security Analyst (NetSec-Analyst) Free Practice Test

Question 1

A security administrator wants to determine which action a URL Filtering profile will take on the URL "www.
chatgpt.com". The firewall has a custom URL object with "www.chatgpt.com" as a member called
"Permitted-AI." The URL "www.chatgpt.com" is also categorized as "Artificial-Intelligence," "Computer- and-Internet-Info," and "Low-Risk." The URL Filtering profile has the following in descending order:
Artificial-Intelligence set to continue
Computer-and-Internet-Info set to block
Low-Risk set to alert
Permitted-AI set to allow
Which action will the URL Filtering profile take when traffic matches the "www.chatgpt.com" URL on a rule with this profile attached? (Choose one answer)

A. Continue

B. Allow

C. Block

D. Alert

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 2

An analyst wants to create a custom application for an internal tool that uses a specific proprietary protocol.
Which information is required to ensure the firewall correctly identifies this application using App-ID?

A. The MAC address of the server.

B. The URL category of the server.

C. Signature patterns found in the packet payload.

D. Source and Destination IP addresses.

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 3

An analyst needs to prevent users from downloading executable files from "High-Risk" URL categories while allowing them from "Business-and-Economy." Which profile should be configured to achieve this specific file-type restriction?

A. URL Filtering Profile

B. Vulnerability Protection Profile

C. File Blocking Profile

D. Data Filtering Profile

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 4

An organization wants to decrypt outbound traffic to ensure no malware is hidden in HTTPS sessions. Which type of decryption policy must be configured on the firewall to act as a "Man-in-the-Middle"?

A. SSL Inbound Inspection

B. Decryption Broker

C. SSH Proxy

D. SSL Forward Proxy

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 5

A financial company is deploying NGFWs with the Advanced SD-WAN subscription to improve uptime and bandwidth across thousands of ATMs. The company requires that traffic flows to the internal application needed by the ATMs always use the path with the lowest latency and packet loss.
Which unique SD-WAN rule parameters meet this criteria?

A. Application/Service: "Internal Application for ATMs" & "ATM Path(Custom)" in Path Quality Profile
# Path Selection "Any."

B. Application/Service: "Internal Application for ATMs" & "Management" in Path Quality Profile # Path Selection "Any."

C. Application/Service: "Internal Application for ATMs" # Path Selection: "Best Available Path" in Traffic Distribution Profile.

D. Application/Service: "Internal Application for ATMs" # Path Selection "Weighted Distribution" in Traffic Distribution Profile.

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 6

A company requires that all file transfers only over HTTP (tcp/80 and tcp/8080) to SaaS storage must be inspected for data exfiltration. Traffic to encrypted HTTPS SaaS storage cannot be inspected based on the company decryption restrictions.
When using a security profile group, which Security policy configuration meets this requirement?

A. One with data filtering to inspect all HTTP traffic on the web-browsing application using application- default for the service.

B. One with URL filtering and file blocking to block all file uploads to the URL category online-storage- and-backup, then set the service to tcp/80 and tcp/8080.

C. One with data filtering and an application filter that matches "file-sharing" applications, then set the service to tcp/80 and tcp/8080.

D. One with data filtering and the service set to tcp/80 and tcp/8080, then verify block threshold is set to
"1" to stop exfiltration.

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 7

Which object allows an analyst to group different applications together based on a specific business function, such as "Social-Media" or "Collaboration," to simplify policy management?

A. Service Group

B. Application Filter

C. Custom URL Category

D. Application Group

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 8

An analyst needs to create a security rule to allow access to a specific web application that identifies itself as
"web-browsing" but uses a custom, non-standard port of TCP 9000. Which configuration ensures the App-ID engine can still inspect this traffic?

A. Use an Application Override rule for port 9000.

B. Create a custom Service object for TCP 9000 and use it in the rule.

C. Change the Service to "application-default."

D. Change the application to "any" and the service to TCP 9000.

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Welcome to TestSimulate

Palo Alto Networks Network Security Analyst (NetSec-Analyst) Free Practice Test