Free NetSec-Generalist Sample Questions — Palo Alto Networks - Network Security Generalist

Which step is necessary to ensure an organization is using the inline cloud analysis features in its Advanced Threat Prevention subscription?

• A. Configure Advanced Threat Prevention profiles with default settings and only focus on high-risk traffic to avoid affecting network performance
• B. Enable SSL decryption in Security policies to inspect and analyze encrypted traffic for threats
• C. Update or create a new anti-spyware security profile and enable the appropriate local deep learning models
• D. Disable anti-spyware to avoid performance impacts and rely solely on external threat intelligence

Which two components of a Security policy, when configured, allow third-party contractors access to internal applications outside business hours? (Choose two.)

• A. User-ID
• B. Schedule
• C. Service
• D. App-ID

Which NGFW function can be used to enhance visibility, protect, block, and log the use of Post-quantum Cryptography (PQC)?

• A. DNS Security profile
• B. Decryption policy
• C. Security policy
• D. Decryption profile

At a minimum, which action must be taken to ensure traffic coming from outside an organization to the DMZ can access the DMZ zone for a company using private IP address space?

• A. Configure static NAT for all incoming traffic
• B. Create NAT policies on post-NAT addresses for all traffic destined for DMZ
• C. Configure NAT policies on the pre-NAT addresses and post-NAT zone
• D. Create policies only for pre-NAT addresses and any destination zone

How many places will a firewall administrator need to create and configure a custom data loss prevention (DLP) profile across Prisma Access and the NGFW?

• A. One
• B. Two
• C. Three
• D. Four