Question Which App Response Time metric is the measure of network latency? A. Round Trip Time (RTT) B. Server Response Time (SRT) C. Network Transfer Time (NTTn) D. UDP Response Time (UDP-TRT) Answer A. Round Trip Time (RTT) Explanation 1 The answer is A, Round Trip Time (RTT). Round Trip Time (RTT) is the time …
Palo Alto
Question What happens when SaaS Security sees a new or unknown SaaS application? A. It forwards the application for WildFire analysis. B. It uses machine learning (ML) to classify the application. C. It generates alerts regarding changes in performance. D. It extends the branch perimeter to the closest node with high performance. Answer A. It …
Question If a Palo Alto Networks Next-Generation Firewall (NGFW) already has Advanced Threat Prevention (ATP) enabled, what is the throughput impact of also enabling WildFire and Advanced URL Filtering (AURLF)? A. The throughput will decrease with each additional subscription enabled. B. The throughput will remain consistent, but the maximum number of simultaneous sessions will decrease. …
Question What are two benefits of the sinkhole Internet Protocol (IP) address that DNS Security sends to the client in place of malicious IP addresses? (Choose two.) A. It represents the remediation server that the client should visit for patching. B. In situations where the internal DNS server is between the client and the firewall, …
Question What is the behavior of Defenders when the Console is unreachable during upgrades? A. Defenders continue to alert, but not enforce, using the policies and settings most recently cached before upgrading the Console. B. Defenders will fail closed until the web-socket can be re-established. C. Defenders will fail open until the web-socket can be …
Question Which type of IOC can you define in Cortex XDR? A. destination port B. e-mail address C. full path D. App-ID Answer C. full path Explanation 1 The type of IOC that can be defined in Cortex XDR is C. full path. Cortex XDR is a detection and response platform that natively integrates endpoint, …
Question What are two purposes of “Respond to Malicious Causality Chains” in a Cortex XDR Windows Malware profile? (Choose two.) A. Automatically close the connections involved in malicious traffic. B. Automatically kill the processes involved in malicious activity. C. Automatically terminate the threads involved in malicious activity. D. Automatically block the IP addresses involved in …
Question An attacker tries to load dynamic libraries on macOS from an unsecure location. Which Cortex XDR module can prevent this attack? A. DDL Security B. Hot Patch Protection C. Kernel Integrity Monitor (KIM) D. Dylib Hijacking Answer D. Dylib Hijacking Explanation 1 The correct answer to the question is D. Dylib Hijacking. This is …
Question With a Cortex XDR Prevent license, which objects are considered to be sensors? A. Syslog servers B. Third-Party security devices C. Cortex XDR agents D. Palo Alto Networks Next-Generation Firewalls Answer C. Cortex XDR agents Explanation 1 With a Cortex XDR Prevent license, Cortex XDR agents are considered to be sensors. Explanation 2 The …
Question When is the WSS (WebSocket Secure) protocol used? A. when the Cortex XDR agent downloads new security content B. when the Cortex XDR agent uploads alert data C. when the Cortex XDR agent connects to WildFire to upload files for analysis D. when the Cortex XDR agent establishes a bidirectional communication channel Answer D. …
Question An administrator wants to run an automation in the War Room to set the incident field “Description” to “Confirmed Phishing”. Which command should they enter in the War Room CLI? A. !incidentSet description="Confirmed Phishing" B. /incidentSet description=Confirmed Phishing C. !setIncident description="Confirmed Phishing" D. /setIncident description=Confirmed Phishing Answer A. !incidentSet description="Confirmed Phishing" Explanation 1 The …
Question During the regular maintenance of XSOAR a customer noticed that there was an update available for the Active Directory content pack (current version 1.4.6) and updated the content pack to the latest version (version 1.4.11). However, after the update the customer noticed that the Active Directory Query integration is not working properly and asked …
Question When developing the playbook, which of the following can be used by an XSOAR Administrator? A. The Debugger panel to test data with one of last five incidents. This will affect the incident’s original incident data. B. Context data from existing incidents by exporting the YAML data from incidents and importing it to playbook …
Palo Alto’s Unit 42 security team has a report out on “domain shadowing,” a technique where a threat actor gains access to a domain’s DNS records and uses them to create subdomains without the owner’s knowledge, where they host malicious content. The company said it’s currently detecting 12,197 domains that have been “shadowed” and have subdomains hosting …
The latest Palo Alto Networks Certified Network Security Administrator (PCNSA) certification practice exam question and answer (Q&A) dumps are available free to help you pass the PCNSA exam and earn the PCNSA certification. Exam Question 1 A …