Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 11
List of questions
Related questions
Question 101
You must configure which firewall feature to enable a data-plane interface to submit DNS queries on behalf of the control plane?
Question 102
Which license must an administrator acquire prior to downloading Antivirus updates for use with the firewall?
Question 103
Which definition describes the guiding principle of the zero-trust architecture?
Explanation:
Reference:
https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture
Question 104
Four configuration choices are listed, and each could be used to block access to a specific URL. If you configured each choices to block the sameURL then which choice would be the last to block access to the URL?
Explanation:
The precedence is from the top down; First Match Wins: 1) Block list: Manually entered blocked URLsObjects - 2) Allow list: Manually entered allowed URLs Objects - 3) Custom URL Categories - 4) CachedCached: URLs learned from External Dynamic Lists (EDLs) - 5) Pre-Defined Categories: PAN-DB orBrightcloud categories.
Question 105
The CFO found a malware infected USB drive in the parking lot, which when inserted infected their corporate laptop the malware contacted a known command-and-control server which exfiltrating corporate data.
Which Security profile feature could have been used to prevent the communications with the command-and-control server?
Question 106
Which two features can be used to tag a user name so that it is included in a dynamic user group?
(Choose two)
Explanation:
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/url-filtering/url-filtering-concepts/urlfiltering-profile-actions
Question 107
Based on the security policy rules shown, ssh will be allowed on which port?
Question 108
Which action results in the firewall blocking network traffic with out notifying the sender?
Question 109
All users from the internal zone must be allowed only Telnet access to a server in the DMZ zone.
Complete the two empty fields in the Security Policy rules that permits only this type of access.
Source Zone: Internal Destination Zone: DMZ Zone Application: _________? Service: ____________?
Action: allow
Choose two.
Question 110
Which type of administrative role must you assign to a firewall administrator account, if the account must include a custom set of firewall permissions?
Explanation:
Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/firewalladministration/manage-firewall-administrators/administrative-role-types.html
Question