ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCNSC
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An existing customer who has deployed several Palo Alto Networks Next-Generation Firewalls would like to start using Device-ID to obtain policy rule recommendations They have also purchased a Support license, a Threat license a URL Filtering license, and a WildFire license for each firewall What additional license do they need to purchase'?
A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an 'allow any' rule What should the consultant say about Expedition?
How can you verify that a new security policy is correctly blocking traffic without disrupting the network?
You are hosting a public-facing web server on your DMZ and access to that server is through a Palo Alto Networks firewall Both internal clients and internet clients access this web server using the FQDN public webserver acme com which resolves to the public address of 99.99 99.2 Which combination of NAT policies is necessary to enable access to the web server for both internal and internet clients? A) B) C) D)
Which two log types are necessary to fully investigate a network intrusion? (Choose two)
Instead of disabling App-IDs regularly, a security policy rule is going to be configured to temporarily allow new App-IDs. In which two circumstances is it valid to disable App-IDs as part of content update-? (Choose two)
In Panorama, what is the correct order of precedence for security policies?
What is the maximum number of virtual systems supported by a Palo Alto Networks VM-300 firewall?
Which GlobalProtect feature ensures that only trusted endpoints can connect to the network?
Which CLI command should you use to verify whether all SFP SFP*, or QSFP modules are installed in a firewall?

Question 8 - PCNSC discussion

Report
Export

A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an 'allow any' rule

What should the consultant say about Expedition?

A.
Expedition cannot parse log files and therefore cannot be used for this purpose
Answers
A.
Expedition cannot parse log files and therefore cannot be used for this purpose
B.
By using the Machine Learning feature Expedition can parse the traffic log files related to the polcy and extract security rules for matching traffic
Answers
B.
By using the Machine Learning feature Expedition can parse the traffic log files related to the polcy and extract security rules for matching traffic
C.
Live firewall traffic can be viewed on Expedition when connected to a firewall, and Expedition can automatically create and push policies to the firewall
Answers
C.
Live firewall traffic can be viewed on Expedition when connected to a firewall, and Expedition can automatically create and push policies to the firewall
D.
The log files can be viewed on Expedition, and right-clicking a log entry gives the option to create security policy from the log entry.
Answers
D.
The log files can be viewed on Expedition, and right-clicking a log entry gives the option to create security policy from the log entry.
Suggested answer: B

Explanation:

The Expedition tool can help the customer extract security policies from an 'allow any' rule by using its Machine Learning feature:

B . By using the Machine Learning feature, Expedition can parse the traffic log files related to the policy and extract security rules for matching traffic

Expedition can analyze traffic log files and apply machine learning algorithms to suggest security policies that match the observed traffic patterns. This helps in creating a more secure and granular policy set from a broad 'allow any' rule.

Palo Alto Networks - Expedition Documentation: https://live.paloaltonetworks.com/t5/expedition-migration-tool/ct-p/migration_tool

Palo Alto Networks - Using Machine Learning in Expedition: https://live.paloaltonetworks.com/t5/expedition-articles/expedition-machine-learning-overview/ta-p/260401

Show Answer
asked 23/09/2024
Petros Kapouleas
46 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms