Scribd
Upload
97 views6 pages

PCNSC 2

Uploaded by

wingmak13143
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
97 views6 pages

PCNSC 2

Uploaded by

wingmak13143
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Palo Alto Networks

PCNSC
Palo Alto Networks Certified Network Security Consultant
QUESTION & ANSWERS

https://www.dumpscore.com/palo-alto-networks/PCNSC-braindumps
QUESTION: 1

An existing customer who has deployed several Palo Alto Networks Next-Generation Firewalls would like to
start using Device-ID to obtain policy rule recommendations They have also purchased a Support license, a
Threat license a URL Filtering license, and a WildFire license for each firewall What additional license do they
need to purchase"?

Option A : a Cortex Data Lake license

Option B : an Enterprise Data Loss Prevention (DLP) license

Option C : an loT Security license (or the perimeter firewall

Option D : an loT Security license for each deployed firewall

Correct Answer: A

Explanation/Reference:

To start using Device-ID to obtain policy rule recommendations, the customer needs to purchase: A.a Cortex Data Lake license

The Cortex Data Lake is a cloud-based logging service that aggregates data from all Palo Alto Networks products and services.

Device-ID uses this data to provide insights and recommendations for policy rules based on the identities of devices on the

network. References: Palo Alto Networks - Cortex Data Lake: https://docs.paloaltonetworks.com/cortex/cortex-data-lake Palo

Alto Networks - Device-ID Overview: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/policy/use-device-id-to-

enforce-policy

QUESTION: 2

Match the task for server settings in group mapping with its order in the process.

https://www.dumpscore.com/palo-alto-networks/PCNSC-braindumps
Answer :

Explanation/Reference:

To configure group mapping on a Palo Alto Networks firewall, follow these steps in order: Navigate to Device > User

Identification > Group Mapping: This is the initial step where you access the group mapping settings in the web interface. Add

a new group mapping: After navigating to the group mapping section, the next step is to add a new group mapping

configuration. Enter a unique name to identify the group mapping configuration: Provide a unique and descriptive name for the

new group mapping configuration to easily identify it.Create an LDAP Server Profile: This step involves creating an LDAP Server

Profile, which defines the connection settings for the LDAP server that will be queried for user and group information. Select the

LDAP Server Profile: Finally, associate the created LDAP Server Profile with the group mapping configuration. This links the

group mapping to the specific LDAP server. Order in Process: Navigate to Device > User Identification > Group Mapping Add a

new group mapping. Enter a unique name to identify the group mapping configuration. Create an LDAP Server Profile. Select

the LDAP Server Profile. References: Palo Alto Networks - Configuring Group Mapping: https://docs.paloaltonetworks.com/pan-

os/10-0/pan-os-admin/user-id/map-users-to-groups Palo Alto Networks - User-ID Agent and Group Mapping Configuration:

https://knowledgebase.paloaltonetworks.com

https://www.dumpscore.com/palo-alto-networks/PCNSC-braindumps
QUESTION: 3

Match the App-ID adoption task with its order in the process.

Answer :

Explanation/Reference:

To match the App-ID adoption task with its order in the process, follow these steps: Perform a like-for-like (Layer 3/4) migration

from the legacy firewall to the Palo Alto Networks NGFW. This is the initial step to ensure that the Palo Alto Networks NGFW is

in place and functioning with the existing security policies. Capture, retain, and verify that all traffic has been logged for a

period of time. This step involves enabling logging and monitoring traffic to understand the application usage and to ensure

that all traffic is being logged. Clone the legacy rules and add application information to the intended application-based rules.

This step involves creating copies of the existing rules and enhancing them with application-specific information using App-ID.

Verify that no traffic is hitting the legacy rules.After creating application-based rules, ensure that traffic is now hitting these

new rules instead of the legacy rules. This indicates that the transition to App-ID based policies is successful. Remove the

legacy rules. Once it is confirmed that no traffic is hitting the legacy rules and the new App-ID based rules are effectively

managing the traffic, the legacy rules can be safely removed. Order in Process: Perform a like-for-like (Layer 3/4) migration

https://www.dumpscore.com/palo-alto-networks/PCNSC-braindumps
from the legacy firewall to the Palo Alto Networks NGFW. Capture, retain, and verify that all traffic has been logged for a period

of time. Clone the legacy rules and add application information to the intended application-based rules. Verify that no traffic is

hitting the legacy rules. Remove the legacy rules. References: Palo Alto Networks - App-ID Best Practices:

https://docs.paloaltonetworks.com/best-practices Palo Alto Networks - Migration from Legacy Firewalls:

https://docs.paloaltonetworks.com/migration

QUESTION: 4

Which category of Vulnerability Signatures is most likely to trigger false positive alerts?

Option A : code-execution

Option B : phishing

Option C : info-leak

Option D : brute-force

Correct Answer: C

Explanation/Reference:

The category of Vulnerability Signatures that is most likely to trigger false positive alerts is: C.info-leak Information leakage

signatures are designed to detect attempts to access or disclose sensitive information. These signatures can be prone to false

positives because benign activities or legitimate data transmissions can sometimes be mistakenly identified as information

leaks. References: Palo Alto Networks - Managing False Positives in Threat Prevention: https://docs.paloaltonetworks.com/pan-

os/10-0/pan-os-admin/threat-prevention/manage-false-positives-inPalo Alto Networks - Vulnerability Protection:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/threat-prevention/vulnerability-protection

QUESTION: 5

Which feature allows you to use multiple links simultaneously to balance the load in a Palo Alto Networks
firewall?

Option A : High Availability

Option B : Aggregate Ethernet

https://www.dumpscore.com/palo-alto-networks/PCNSC-braindumps
Option C : Virtual Wire

Option D : ECMP (Equal-Cost Multi-Path)

Correct Answer: D

QUESTION: 6

Which two log types are necessary to fully investigate a network intrusion? (Choose two)

Option A : URL Filtering log

Option B : Traffic log

Option C : Threat log

Option D : System log

Correct Answer: B,C

https://www.dumpscore.com/palo-alto-networks/PCNSC-braindumps

You might also like