PCNSE IoT Security & Device-ID Quiz
1. Which two Palo Alto Networks subscription services are required for IoT Security? (Choose two)
A. Cortex Data Lake
B. Cortex XDR
C. Device Security
D. IoT Security
2. Which interface mode allows a firewall to observe DHCP traffic without being inline?
A. Virtual Wire
B. Layer 3
C. Layer 2
D. Tap
3. Which policy types can utilize Device-ID as a match condition? (Choose two)
A. NAT
B. QoS
C. Decryption
D. Tunnel Inspection
4. What is the primary purpose of Enhanced Application Logs (EALs) in IoT Security?
A. To store firewall configurations
B. To provide detailed traffic metadata for device identification
C. To monitor user login activities
D. To manage VPN connections
5. Which two tasks are performed at the firewall for Device-ID configuration? (Choose two)
A. Activate the Cortex Data Lake instance
B. Enable Device-ID per zone
C. Configure a Log Forwarding Profile
D. Activate the IoT Security app
6. True or False: Device-ID allows policy rules to remain effective even if a device's IP address changes.
A. True
B. False
7. What is the first step in the IoT Security approach to securing devices?
A. Blocking unauthorized access
B. Identifying and classifying devices
C. Encrypting device communications
D. Updating device firmware
8. Which level of device classification identifies the industry in which the device operates?
A. Category
B. Profile
C. OS Family
D. Vendor
9. Which two subscriptions are required to enable IoT Security features on a firewall? (Choose two)
A. Threat Prevention
B. WildFire
C. IoT Security
D. DNS Security
10. What is the primary benefit of using Device-ID in security policies?
A. Policies are based on IP addresses
B. Policies adapt to device changes
C. Policies are static and unchanging
D. Policies are based on user identities
Submit Answers