ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCNSA

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 10

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which statement is true about Panorama managed devices?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)
An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)

Question 91

Report
Export
Collapse

Which statements is true regarding a Heatmap report?

A.
When guided by authorized sales engineer, it helps determine te areas of greatest security risk.
A.
When guided by authorized sales engineer, it helps determine te areas of greatest security risk.
Answers
B.
It provides a percentage of adoption for each assessment area.
B.
It provides a percentage of adoption for each assessment area.
Answers
C.
It runs only on firewall.
C.
It runs only on firewall.
Answers
D.
It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture.
D.
It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture.
Answers
Suggested answer: B

Explanation:

Reference: https://live.paloaltonetworks.com/t5/best-practice-assessment-blogs/the-best-practiceassessment-bpa-tool-for-ngfw-and-panorama/ba-p/248343

Question 92

Report
Export
Collapse

Starting with PAN_OS version 9.1 which new type of object is supported for use within the user field of a security policy rule?

A.
local username
A.
local username
Answers
B.
dynamic user group
B.
dynamic user group
Answers
C.
remote username
C.
remote username
Answers
D.
static user group
D.
static user group
Answers
Suggested answer: B

Question 93

Report
Export
Collapse

Which two statements are true for the DNS security service introduced in PAN-OS version 10.0?

A.
It functions like PAN-DB and requires activation through the app portal.
A.
It functions like PAN-DB and requires activation through the app portal.
Answers
B.
It removes the 100K limit for DNS entries for the downloaded DNS updates.
B.
It removes the 100K limit for DNS entries for the downloaded DNS updates.
Answers
C.
IT eliminates the need for dynamic DNS updates.
C.
IT eliminates the need for dynamic DNS updates.
Answers
D.
IT is automatically enabled and configured.
D.
IT is automatically enabled and configured.
Answers
Suggested answer: A, B

Question 94

Report
Export
Collapse

Which three statement describe the operation of Security Policy rules or Security Profiles? (Choose three)

A.
Security policy rules inspect but do not block traffic.
A.
Security policy rules inspect but do not block traffic.
Answers
B.
Security Profile should be used only on allowed traffic.
B.
Security Profile should be used only on allowed traffic.
Answers
C.
Security Profile are attached to security policy rules.
C.
Security Profile are attached to security policy rules.
Answers
D.
Security Policy rules are attached to Security Profiles.
D.
Security Policy rules are attached to Security Profiles.
Answers
E.
Security Policy rules can block or allow traffic.
E.
Security Policy rules can block or allow traffic.
Answers
Suggested answer: B, C, E

Question 95

Report
Export
Collapse

Based on the screenshot what is the purpose of the included groups?

A.
They are only groups visible based on the firewall's credentials.
A.
They are only groups visible based on the firewall's credentials.
Answers
B.
They are used to map usernames to group names.
B.
They are used to map usernames to group names.
Answers
C.
They contain only the users you allow to manage the firewall.
C.
They contain only the users you allow to manage the firewall.
Answers
D.
They are groups that are imported from RADIUS authentication servers.
D.
They are groups that are imported from RADIUS authentication servers.
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-users-to-groups.html

Question 96

Report
Export
Collapse

What is an advantage for using application tags?

A.
They are helpful during the creation of new zones
A.
They are helpful during the creation of new zones
Answers
B.
They help with the design of IP address allocations in DHCP.
B.
They help with the design of IP address allocations in DHCP.
Answers
C.
They help content updates automate policy updates
C.
They help content updates automate policy updates
Answers
D.
They help with the creation of interfaces
D.
They help with the creation of interfaces
Answers
Suggested answer: C

Question 97

Report
Export
Collapse

Which operations are allowed when working with App-ID application tags?

A.
Predefined tags may be deleted.
A.
Predefined tags may be deleted.
Answers
B.
Predefined tags may be augmented by custom tags.
B.
Predefined tags may be augmented by custom tags.
Answers
C.
Predefined tags may be modified.
C.
Predefined tags may be modified.
Answers
D.
Predefined tags may be updated by WildFire dynamic updates.
D.
Predefined tags may be updated by WildFire dynamic updates.
Answers
Suggested answer: B

Question 98

Report
Export
Collapse

You need to allow users to access the officeñsuite application of their choice. How should you configure the firewall to allow access to any office-suite application?

A.
Create an Application Group and add Office 365, Evernote Google Docs and Libre Office
A.
Create an Application Group and add Office 365, Evernote Google Docs and Libre Office
Answers
B.
Create an Application Group and add business-systems to it.
B.
Create an Application Group and add business-systems to it.
Answers
C.
Create an Application Filter and name it Office Programs, then filter it on the office programs subcategory.
C.
Create an Application Filter and name it Office Programs, then filter it on the office programs subcategory.
Answers
D.
Create an Application Filter and name it Office Programs then filter on the business-systems category.
D.
Create an Application Filter and name it Office Programs then filter on the business-systems category.
Answers
Suggested answer: C

Question 99

Report
Export
Collapse

In which profile should you configure the DNS Security feature?

A.
URL Filtering Profile
A.
URL Filtering Profile
Answers
B.
Anti-Spyware Profile
B.
Anti-Spyware Profile
Answers
C.
Zone Protection Profile
C.
Zone Protection Profile
Answers
D.
Antivirus Profile
D.
Antivirus Profile
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/dnssecurity/enable- dnssecurity.html

Question 100

Report
Export
Collapse

Access to which feature requires PAN-OS Filtering licens?

A.
PAN-DB database
A.
PAN-DB database
Answers
B.
URL external dynamic lists
B.
URL external dynamic lists
Answers
C.
Custom URL categories
C.
Custom URL categories
Answers
D.
DNS Security
D.
DNS Security
Answers
Suggested answer: A

Explanation:

Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/activatelicenses-and-subscriptions.html

Total 362 questions
Go to page: of 37
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms