Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 295

An administrator wants to configure the Palo Alto Networks Windows User-ID agent to map IP addresses to usernames.

The company uses four Microsoft Active Directory servers and two Microsoft Exchange servers, which can provide logs for login events.

All six servers have IP addresses assigned from the following subnet: 192.168.28.32/27.
The Microsoft Active Directory servers reside in 192.168.28.32/28, and the Microsoft Exchange servers reside in 192.168.28.48/28.

What information does the administrator need to provide in the User Identification > Discovery section?

Answer options

• A. the IP-address and corresponding server type (Microsoft Active Directory or Microsoft Exchange) for each of the six servers
• B. network 192.168.28.32/28 with server type Microsoft Active Directory and network 192.168.28.48/28 with server type Microsoft Exchange
• C. one IP address of a Microsoft Active Directory server and “Auto Discover” enabled to automatically obtain all five of the other servers
• D. network 192.168.28.32/27 with server type Microsoft

Correct answer: A

Explanation

The correct answer is A because the administrator needs to specify the IP address and server type for each server to ensure accurate mapping of usernames to IPs. Option B is incorrect as it does not include all six servers, and option C incorrectly suggests relying on Auto Discover, which may not capture all necessary servers. Option D is also wrong because it provides an incorrect subnet and does not specify the server types appropriately.