To protect against port scans from the internet, a Zone Protection Profile should be applied to the zone of the ingress interface. This profile helps defend the network by setting thresholds for various types of scans and attacks, including port scans, thus reducing the risk of reconnaissance activities that precede actual attacks (Palo Alto Networks) (Palo Alto Networks).QUESTION NO: 43
When log sizing is factored for the Cortex Data Lake on the NGFW, what is the average log size used in calculation?
A. 8MB
B. depends on the Cortex Data Lake tier purchased
C. 18 bytes
D. 1500 bytes
Answer: D
When calculating log sizing for the Cortex Data Lake on the NGFW, the average log size used is 1500 bytes. This size helps in estimating storage requirements and planning for log retention policies efficiently, ensuring that there is adequate storage capacity to handle the volume of logs generated by the network firewalls (Palo Alto Networks) (Palo Alto Networks).QUESTION NO: 44
What can be applied to prevent users from unknowingly downloading malicious file types from the internet?
A. A vulnerability profile to security policy rules that deny general web access
B. An antivirus profile to security policy rules that deny general web access
C. A zone protection profile to the untrust zone
D. A file blocking profile to security policy rules that allow general web access
Answer: D
To prevent users from unknowingly downloading malicious file types from the internet, a File Blocking Profile should be applied to security policy rules that allow general web access. This profile can be configured to block or alert on downloads of specific file types that are commonly used to deliver malware, providing an additional layer of protection against threats (Palo Alto Networks) (Palo Alto Networks).