- Home
- Palo Alto Networks
- Palo Alto Networks Certified Network Security Engineer Exam
- PaloAltoNetworks.PCNSE.v2024-09-12.q79
- Question 53
Valid PCNSE Dumps shared by ExamDiscuss.com for Helping Passing PCNSE Exam! ExamDiscuss.com now offer the newest PCNSE exam dumps, the ExamDiscuss.com PCNSE exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PCNSE dumps with Test Engine here:
Access PCNSE Dumps Premium Version
(375 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 53/79
A firewall engineer has determined that, in an application developed by the company's internal team, sessions often remain idle for hours before the client and server exchange any data. The application is also currently identified as unknown-tcp by the firewalls. It is determined that because of a high level of trust, the application does not require to be scanned for threats, but it needs to be properly identified in Traffic logs for reporting purposes.
Which solution will take the least time to implement and will ensure the App-ID engine is used to identify the application?
Which solution will take the least time to implement and will ensure the App-ID engine is used to identify the application?
Correct Answer: C
For an application that is currently identified as unknown-tcp and has sessions that often remain idle for long periods, creating a custom application and using an application override rule is the most time-efficient solution.
C: The process involves:
* Creating a custom application in the Palo Alto Networks firewall and configuring it with specific timeouts to accommodate the application's idle session behavior. This step ensures that the firewall does not prematurely close the application's sessions due to inactivity.
* Next, creating an application override rule that references the custom application. This rule directs the firewall to identify traffic matching the rule criteria (such as source, destination, and port information) as
* the custom application, bypassing the App-ID engine's regular identification process.
This approach allows for the quick implementation of a solution that ensures the application is properly identified in traffic logs without undergoing threat scanning, meeting the requirements for both identification and reporting.
C: The process involves:
* Creating a custom application in the Palo Alto Networks firewall and configuring it with specific timeouts to accommodate the application's idle session behavior. This step ensures that the firewall does not prematurely close the application's sessions due to inactivity.
* Next, creating an application override rule that references the custom application. This rule directs the firewall to identify traffic matching the rule criteria (such as source, destination, and port information) as
* the custom application, bypassing the App-ID engine's regular identification process.
This approach allows for the quick implementation of a solution that ensures the application is properly identified in traffic logs without undergoing threat scanning, meeting the requirements for both identification and reporting.
- Question List (79q)
- Question 1: An engineer is reviewing the following high availability (HA...
- Question 2: During the process of developing a decryption strategy and e...
- Question 3: Where is Palo Alto Networks Device Telemetry data stored on ...
- Question 4: A firewall engineer is configuring quality of service (OoS) ...
- Question 5: A security engineer needs firewall management access on a tr...
- Question 6: What is the best description of the Cluster Synchronization ...
- Question 7: Which operation will impact the performance of the managemen...
- Question 8: A network administrator is trying to prevent domain username...
- Question 9: A company has configured GlobalProtect to allow their users ...
- Question 10: An engineer needs to configure a standardized template for a...
- Question 11: An administrator troubleshoots an issue that causes packet d...
- Question 12: An engineer is designing a deployment of multi-vsys firewall...
- Question 13: What would allow a network security administrator to authent...
- Question 14: An engineer configures SSL decryption in order to have more ...
- Question 15: During the implementation of SSL Forward Proxy decryption, a...
- Question 16: (Exhibit) Review the images. A firewall policy that permits ...
- Question 17: A firewall administrator is configuring an IPSec tunnel betw...
- Question 18: Which statement about High Availability timer settings is tr...
- Question 19: A network security engineer needs to enable Zone Protection ...
- Question 20: An engineer is monitoring an active/active high availability...
- Question 21: Phase two of a VPN will not establish a connection. The peer...
- Question 22: An engineer manages a high availability network and requires...
- Question 23: Which source is the most reliable for collecting User-ID use...
- Question 24: When an engineer configures an active/active high availabili...
- Question 25: A company has recently migrated their branch office's PA-220...
- 1 commentQuestion 26: Which server platforms can be monitored when a company is de...
- Question 27: Refer to Exhibit: (Exhibit) An administrator can not see any...
- Question 28: Information Security is enforcing group-based policies by us...
- Question 29: If an administrator wants to apply QoS to traffic based on s...
- Question 30: Which log type would provide information about traffic block...
- Question 31: A firewall engineer creates a source NAT rule to allow the c...
- Question 32: An organization wants to begin decrypting guest and BYOD tra...
- Question 33: Refer to the exhibit. (Exhibit) Using the above screenshot o...
- Question 34: What happens when the log forwarding built-in action with ta...
- Question 35: (Exhibit) Based on the screenshots above, and with no config...
- Question 36: In a template, which two objects can be configured? (Choose ...
- Question 37: When you import the configuration of an HA pair into Panoram...
- Question 38: After switching to a different WAN connection, users have re...
- Question 39: Which three external authentication services can the firewal...
- Question 40: Which two profiles should be configured when sharing tags fr...
- Question 41: An administrator is attempting to create policies tor deploy...
- Question 42: A network security administrator has an environment with mul...
- Question 43: Which three multi-factor authentication methods can be used ...
- Question 44: A network security administrator wants to begin inspecting b...
- Question 45: What are three tasks that cannot be configured from Panorama...
- Question 46: An administrator Just enabled HA Heartbeat Backup on two dev...
- Question 47: A network administrator wants to deploy SSL Forward Proxy de...
- Question 48: An administrator needs to identify which NAT policy is being...
- Question 49: What happens, by default, when the GlobalProtect app fails t...
- Question 50: An administrator has purchased WildFire subscriptions for 90...
- Question 51: An engineer must configure a new SSL decryption deployment. ...
- Question 52: ln a security-first network, what is the recommended thresho...
- Question 53: A firewall engineer has determined that, in an application d...
- Question 54: Why are external zones required to be configured on a Palo A...
- Question 55: An administrator is troubleshooting why video traffic is not...
- Question 56: An engineer troubleshoots a high availability (HA) link that...
- Question 57: What can the Log Forwarding built-in action with tagging be ...
- Question 58: An organization conducts research on the benefits of leverag...
- Question 59: An administrator has a Palo Alto Networks NGFW. All security...
- Question 60: In the New App Viewer under Policy Optimizer, what does the ...
- Question 61: When a new firewall joins a high availability (HA) cluster, ...
- Question 62: A company configures its WildFire analysis profile to forwar...
- Question 63: After implementing a new NGFW, a firewall engineer sees a Vo...
- Question 64: PBF can address which two scenarios? (Choose two.)...
- Question 65: Which GloDalProtecI gateway setting is required to enable sp...
- Question 66: When you troubleshoot an SSL Decryption issue, which PAN-OS ...
- Question 67: A firewall engineer creates a NAT rule to translate IP addre...
- Question 68: A superuser is tasked with creating administrator accounts f...
- Question 69: What can be used as an Action when creating a Policy-Based F...
- Question 70: An engineer is designing a deployment of multi-vsys firewall...
- Question 71: Which two actions must an engineer take to configure SSL For...
- Question 72: An engineer decides to use Panorama to upgrade devices to PA...
- Question 73: Match the terms to their corresponding definitions (Exhibit)...
- Question 74: A company wants to implement threat prevention to take actio...
- Question 75: A security engineer wants to upgrade the company's deployed ...
- Question 76: An administrator needs to evaluate a recent policy change th...
- Question 77: An administrator is using Panorama to manage multiple firewa...
- Question 78: An engineer is configuring Packet Buffer Protection on ingre...
- Question 79: What type of address object would be useful for internal dev...
[×]
Download PDF File
Enter your email address to download PaloAltoNetworks.PCNSE.v2024-09-12.q79.pdf