>>URL Filtering Security Profiles
Challenges with Preventing Web-Based Threats
Enable business without compromising security
Encrypted web content
Silo management
URL Filtering Features
license required or no license required ---> Firewall
2 methods
Security policies or URL filtering
URL Filtering Profiles
URL Category: Policy Versus Profile
Policies > Security
URL Filtering Log
URL Filtering Security Profile
Objects > Security Profiles > URL Filtering
..default profile is configured to block websites such as known malware sites, phishing sites, and adult..
URL Filtering Security Default Categories
Multi-Category and Risk Based URL Filtering
Objects > Custom Objects > URL Category
Categories indicate:
•The site’s risk
•The site’s content
•The site’s purpose or function
Configure Per-URL Category Actions
URL matching order:
1.Custom URL categories*
2.External Dynamic Lists*
3.PAN DB firewall cache
4.PAN DB cloud
Configure a Custom URL Category
Objects > Custom Objects > URL Category > Add
URL Filtering Response Pages
3 types
URL Admin Settings
Device > Setup > Content ID > URL Admin Override > Add
Configure URL Admin Override password.
Device > Setup > Content ID > URL Filtering
Configure URL Admin Override password timeout period.
Configure Safe Search and Logging Options
Objects > Security Profiles URL Filtering > Add
HTTP Header Insertion and Modification
Real-Time Webpage Analysis
Recommendations for Unknown URL Category
Recommendations for Not Resolved URL Category
URL Filtering Action Precedence
Recategorization Request: Via Log Entries
Monitor > Logs > URL Filtering
Recategorization Requests: Via Webpage
>>Attaching URL Filtering Profiles to Policy Rules
Use a URL Filtering Profile
Assigning URL Profile to Security Rules
Policies > Security > Add
1. Which URL Filtering Profile action will result in a user being interactively prompted for a password?
a. alert
b. allow
c. continue
d. override
override: A response page is sent to the user’s browser that prompts the user for the administrator defined override password and the firewall logs the action to the URL Filtering log
2. According to best practices, which two URL filtering categories should be blocked in most URL Filtering
Profiles? (Choose two.)
a. high risk
b. medium risk
c. new registered domain
d. adult
Best practice is to block high risk and new registered domain in URL Filtering Profiles.
3. Which three statements are true regarding Safe Search Enforcement? (Choose three.)
a. Safe search is a web server setting.
b. Safe search is a web browser setting.
c. Safe search is a best effort setting.
d. Safe search is designed to block violent web content.
e. Safe search works only in conjunction with credential submission websites.
4. True or false? A URL Filtering license is not required to define and use custom URL categories.
a. true
b. false
1. Which Palo Alto Networks Next Generation Firewall URL Category Action sends a response page to the user’s browser that prompts the user for the administrator-defined override password, and logs the action to the URL Filtering log?
continue
block
alert
override
2.Which Next Generation Firewall URL filter setting is used to prevent users who use the Google, Yahoo, Bing, Yandex, or YouTube search engines from viewing search results unless their browser is configured with the strict safe search option.
User Credential Detection
HTTP Header Logging
Safe Search Enforcement
Log Container Page Only
3. A "continue" action can be configured on the following security profiles in the Next Generation firewall:
URL Filtering NO
URL Filtering and File Blocking
URL Filtering and Antivirus
URL Filtering, File Blocking, and Data Filtering No
4. Which URL filtering security profile action logs the category to the URL filtering log?
Allow
Default
Log
Alert
5.Which is the correct URL matching order on a Palo Alto Networks Next Generation Firewall?
Block, Allow, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud
Block, Allow, External Dynamic, Custom URL, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud
Allow, Block, Custom URL, External Dynamic, PAN-DB Cache, PAN-DB Download, PAN-DB Cloud
Block, Allow, Custom URL, External Dynamic, PAN-DB Download, PAN-DB Cloud, PAN-DB Cache
6. Which URL Filtering Profile action will result in a user being interactively prompted for a password?
override
continue
allow
alert
7. According to best practices, which two URL filtering categories should be blocked in most URL Filtering Profiles?
a. new-registered-domain
b. high-risk
adult
medium-risk
8. Which statement is not true regarding Safe Search Enforcement?
Safe search is a best effort setting
Safe search is a web browser setting
Safe search is a web server setting
Safe search works only in conjunction with credential submission websites
Comments