Q1

A financial services company is deploying a Zero Trust architecture. A key requirement is to ensure that only authenticated and authorized users on compliant devices can access internal applications. A security architect has configured GlobalProtect with Host Information Profile (HIP) checks and User-ID. During testing, a user on a non-compliant device is still able to access a sensitive application. The Security policy rule for this application correctly specifies the user's group. What is the most likely misconfiguration causing this policy failure?

Q2 (Multiple answers)

A network engineer observes that traffic destined for a trusted internal web server, which is protected by a Palo Alto Networks firewall with SSL Inbound Inspection, is being dropped. The traffic logs show the session is ending with a 'decrypt-error' message. The server uses a certificate signed by an internal Certificate Authority (CA). Which two actions are most likely to resolve this issue? (Select TWO)

Q3

An administrator is configuring a new VM-Series firewall in Azure to inspect traffic between a 'spoke' Virtual Network (VNet) and a 'hub' VNet. The spoke VNet is peered with the hub VNet, which contains the firewall. The administrator has configured User-Defined Routes (UDRs) in the spoke VNet to direct all traffic (0.0.0.0/0) to the firewall's internal interface. However, systems in the spoke VNet cannot access the internet. What is the most likely cause of this issue?

Q4

A retail company uses Prisma SD-WAN to connect its stores to a central data center. To improve the performance of a custom point-of-sale (POS) application, an administrator has created a path policy to prioritize this traffic over an MPLS link. However, monitoring tools show that the POS application traffic is still being sent over the backup broadband internet link, causing slow transaction times. What is the most likely reason for the path policy not being applied as intended?

Q5 (Multiple answers)

A consultant is designing a Prisma Access deployment for a global enterprise. The enterprise has a significant presence in both North America and Asia, with users in both regions needing low-latency access to private applications hosted in an AWS VPC in the `us-east-1` region. Which Prisma Access components are required to provide an optimal and secure solution? (Select THREE)

Q6

A large enterprise manages over 500 firewalls globally using Panorama. A junior administrator is tasked with creating a new Security policy rule to block a newly identified malicious application. To ensure the rule is applied globally and consistently, what is the best practice for deploying this rule using Panorama?

Q7

True or False: When configuring Enterprise DLP, a data pattern for 'Credit Card Numbers' is applied to a Security policy rule. This configuration, by itself, is sufficient to both detect and block the exfiltration of credit card numbers in web traffic.

Q8

A hospital has implemented Palo Alto Networks IoT Security to protect its medical devices. The security team receives an alert for a device identified as an 'Infusion Pump' that is attempting to connect to an external IP address using SSH. This behavior violates the hospital's security policy. Based on IoT Security best practices, what is the most effective and least disruptive way to prevent this specific activity while allowing the pump to perform its normal functions?

Q9

A security analyst is reviewing the Threat logs and notices that a PDF file downloaded by a user was assigned a 'malicious' verdict by Advanced WildFire. The firewall configuration includes a Security policy rule with a WildFire Analysis profile set to 'alert' for all file types. The user's machine is now showing signs of compromise. To prevent this from happening in the future, what is the most critical configuration change?

Q10

The Best Practice Assessment (BPA) tool has been run against a firewall configuration. The report indicates a 60% adoption rate for 'Content-ID Best Practices' and flags several Security policy rules that use service objects (e.g., 'service-http') instead of App-ID. What is the primary security risk associated with this configuration?