C Certs Club
Home
Oracle SAP Microsoft Cisco CompTIA Fortinet Salesforce Nutanix Linux Foundation Amazon View All Vendors →
Login Register

Palo Alto Networks NetSec-Pro - Palo Alto Networks Certified Network Security Professional Certification Exam

Download Exam View Entire Exam
Page: 1 / 2
Question #1 (Topic: Demo Questions)

Using Prisma Access, which solution provides the most security coverage of network protocols for the mobile workforce?

A.
Explicit proxy
B.
Client-based VPN
C.
Enterprise browser 
D.
Clientless VPN
Correct Answer: B
Explanation:
Client-based VPN solutions like Global Protect provide full coverage for the mobile workforce by extending the enterprise security stack to remote endpoints. It establishes a secure tunnel, allowing consistent security policies across the enterprise perimeter and the mobile workforce. “Global Protect is a client-based VPN that provides secure, consistent protection for mobile users by extending the security capabilities of Prisma Access to remote endpoints, covering all network protocols.” (Source: Global Protect Admin Guide)
Question #2 (Topic: Demo Questions)

Which two tools can be used to configure Cloud NGFWs for AWS? (Choose two.)

A.
Cortex XSIAM
B.
 Prisma Cloud management console
C.
Panorama
D.
Cloud service provider's management console
Correct Answer: C, D
Explanation:
Cloud NGFW for AWS can be configured using Panorama for centralized management, as well as the AWS management console for native integration and configuration. “You can configure Cloud NGFW for AWS using Panorama for centralized security management, or directly through the AWS management console to deploy and manage security services for your AWS resources.” (Source: Cloud NGFW for AWS Guide)
Question #3 (Topic: Demo Questions)

In which two applications can Prisma Access threat logs for mobile user traffic be reviewed? (Choose two.)

A.
Prisma Cloud dashboard
B.
Strata Cloud Manager (SCM)
C.
Strata Logging Service
D.
Service connection firewall
Correct Answer: B, C
Explanation:
Threat logs for Prisma Access mobile users can be reviewed in both Strata Cloud Manager (SCM) and Strata Logging Service. Prisma Cloud and service connection firewalls are not directly tied to mobile user traffic logs. “Prisma Access logs are available in the Strata Cloud Manager and can also be sent to the Strata Logging Service for detailed analysis and threat visibility.” (Source: Prisma Access Administration Guide)
Question #4 (Topic: Demo Questions)

Where can you view the block logs when upload of a PE file is restricted?

A.
Traffic logs
B.
WildFire logs
C.
Data Filtering logs
D.
System logs
Correct Answer: C
Explanation:
When uploads are blocked by a Data Filtering profile, the firewall records the event in Data Filtering logs .
[Reference:https://docs.paloaltonetworks.com/pan-os/, ]
Question #5 (Topic: Demo Questions)

Which set of attributes is used by IoT Security to identify and classify appliances on a network when determining Device-ID?

A.
IP address, network traffic patterns, and device type
B.
MAC address, device manufacturer, and operating system
C.
Hostname, application usage, and encryption method
D.
Device model, firmware version, and user credential
Next Question
Correct Answer: B
Explanation:
IoT Security uses MAC address , device manufacturer , and OS information to identify and classify devices via Device-ID.
“IoT Security uses passive network traffic analysis to fingerprint devices based on the MAC address, manufacturer, and operating system to ensure accurate classification.”
(Source: IoT Security Device-ID and Classification)
These attributes provide a robust, manufacturer-agnostic method to fingerprint IoT devices.