Home / Palo Alto Networks / PCNSE

Question list

List of questions

Question 1

(0)

DRAG DROP Match each type of DoS attack to an example of that type of attack.

Question 2

(0)

DRAG DROP Below are the steps in the workflow for creating a Best Practice Assessment in a firewall and Panorama configuration. Place the steps in order.

Question 3

(0)

When using certificate authentication for firewall administration, which method is used for authorization?

Question 4

(0)

A network administrator wants to use a certificate for the SSL/TLS Service Profile. Which type of certificate should the administrator use?

Question 5

(0)

Using multiple templates in a stack to manage many firewalls provides which two advantages? (Choose two.)

Question 6

(0)

A network security engineer is attempting to peer a virtual router on a PAN-OS firewall with an external router using the BGP protocol. The peer relationship is not establishing. What command could

Question 7

(0)

A network security engineer must implement Quality of Service policies to ensure specific levels of delivery guarantees for various applications in the environment They want to ensure that they know

Question 8

(0)

Which statement regarding HA timer settings is true?

Question 9

(0)

When you navigate to Network: > GlobalProtect > Portals > Method section, which three options are available? (Choose three )

Question 10

(0)

An engineer must configure the Decryption Broker feature Which Decryption Broker security chain supports bi-directional traffic flow?

Question 286 - PCNSE discussion

Which three items must be configured to implement application override? (Choose three )

Custom app

Security policy rule

Application override policy rule

Decryption policy rule

Application filter

Suggested answer: A, B, C

Explanation:

According to the Palo Alto Networks documentation1, application override is where the firewall is configured to override the normal application identification (App-ID) of specific traffic passing through the firewall. To implement application override, the following items must be configured: Custom app: This is a user-defined application that is used to identify the traffic that needs to be overridden. It is recommended to create a custom app for the application override policy, rather than using a predefined app that may have different default ports and threat inspection capabilities2.

Security policy rule: This is a rule that allows the traffic that matches the custom app through the firewall. The security policy rule must use the custom app as the application filter and specify the source and destination zones, addresses, and users as needed2.

Application override policy rule: This is a rule that defines the criteria for overriding the App-ID of the traffic. The application override policy rule must use the custom app as the application filter and specify the source and destination zones, addresses, ports, and protocols as needed2. The other options are not required or relevant for implementing application override:

Decryption policy rule: This is a rule that defines the criteria for decrypting encrypted traffic. It is not related to application override, although decryption may be needed to identify some applications that use encryption.

Application filter: This is an object that groups applications based on various criteria, such as category, subcategory, technology, or risk. It is not an item that must be configured for application override, although it can be used as a reference in security policy rules or custom apps.

Reference: 1: https://live.paloaltonetworks.com/t5/blogs/tips-amp-tricks-how-to-create-anapplication-override/ba-p/451872 2:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVLCA0 :

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/decryption/decryptionconcepts/how-decryption-works : https://docs.paloaltonetworks.com/pan-os/9-1/pan-osadmin/app-id/manage-custom-or-unknown-applications/create-an-application-filter

Show Answer

asked 23/09/2024

Raymond Chan

32 questions

Your answer: A B C D E

0 comments

Sorted by