ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam
Go to Exam

Exam PCNSA topic 1 question 200 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 200
Topic #: 1
[All PCNSA Questions]

An administrator needs to add capability to perform real time signature lookups to block or sinkhole all known malware domains.
Which type of single, unified engine will get this result?

  • A. Content ID
  • B. App-ID
  • C. Security Processing Engine
  • D. User-ID
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by mushi4ka at Sept. 24, 2022, 8:34 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jallic
3 months ago
Selected Answer: A
https://www.paloguard.com/Content-ID.asp#:~:text=Content%2DID%20gives%20you%20a,exploits%2C%20malware%20and%20malware%20communications https://subscription.packtpub.com/book/cloud-and-networking/9781789956375/2/ch02lvl1sec05/understanding-app-id-and-content-id#:~:text=App%2DID%20and%20Content%2DID%20are%20two%20technologies%20that%20go,and%20data%20exfiltration%20is%20prevented. Content-ID gives you a real-time threat prevention engine, combined with a comprehensive URL database, and elements of application identification to: Limit unauthorized data and file transfers Detect and block exploits, malware and malware communications Control unapproved web surfing I believe the answer here is Content ID
upvoted 1 times
...
cjace
8 months ago
The capability to perform real-time signature lookups to block or sinkhole all known malware domains is provided by the Content ID engine12345. Content ID is a threat prevention engine that uses multiple methods to detect and prevent threats at all points of the attack lifecycle1. It includes capabilities such as WildFire, which performs real-time signature lookups12345. Therefore, the correct answer is A. Content ID.
upvoted 1 times
...
OhEmGee
1 year, 11 months ago
Selected Answer: A
Security Processing doesn't have signature matching feature which is asked in the question. https://www.paloaltonetworks.com/resources/pa-series-next-generation-firewalls-hardware-architectures. There's Network Processor, Security Processor, Offload/Signature Matching Processor, and Management Processor. The Security Processing Engine has APP-ID | User-ID | URL match | policy match app decoding | SSL/IPSec | decompression functions. The Signature Matching Processor has Exploits | Virus | Spyware | CC# | SSN functions.
upvoted 2 times
...
markeloff23
2 years, 3 months ago
Selected Answer: A
A is correct
upvoted 1 times
...
mushi4ka
2 years, 3 months ago
Selected Answer: A
Content-IDTM combines a real-time threat prevention engine with a comprehensive URL database and elements of application identification to limit unauthorized data and file transfers and detect and block a wide range of exploits, malware, dangerous web surfing as well as targeted and unknown threats. https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/tech-briefs/techbrief-content-id.pdf
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago