ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 15

List of questions

Question 141

Report Export Collapse

Assume a custom URL Category Object of "NO-FILES" has been created to identify a specific website How can file uploading/downloading be restricted for the website while permitting general browsing access to that website?

Create a Security policy with a URL Filtering profile that references the site access setting of continue to NO-FILES
Create a Security policy with a URL Filtering profile that references the site access setting of continue to NO-FILES
Create a Security policy with a URL Filtering profile that references the site access setting of block to NO-FILES
Create a Security policy with a URL Filtering profile that references the site access setting of block to NO-FILES
Create a Security policy that references NO-FILES as a URL Category qualifier, with an appropriate Data Filtering profile
Create a Security policy that references NO-FILES as a URL Category qualifier, with an appropriate Data Filtering profile
Create a Security policy that references NO-FILES as a URL Category qualifier, with an appropriate File Blocking profile
Create a Security policy that references NO-FILES as a URL Category qualifier, with an appropriate File Blocking profile
Suggested answer: B
asked 23/09/2024
None None
45 questions

Question 142

Report Export Collapse

Which three types of authentication services can be used to authenticate user traffic flowing through the firewalls data plane? (Choose three )

TACACS
TACACS
SAML2
SAML2
SAML10
SAML10
Kerberos
Kerberos
TACACS+
TACACS+
Suggested answer: A, B, D
asked 23/09/2024
Nicolas GARCIA
38 questions

Question 143

Report Export Collapse

Given the screenshot what two types of route is the administrator configuring? (Choose two )

Palo Alto Networks PCNSA image Question 143 53958 09232024001155000000

default route
default route
OSPF
OSPF
BGP
BGP
static route
static route
Suggested answer: A
asked 23/09/2024
Kohsuke Shimizu
40 questions

Question 144

Report Export Collapse

Based on the screenshot what is the purpose of the group in User labelled "it"?

Palo Alto Networks PCNSA image Question 144 53959 09232024001155000000

Allows users to access IT applications on all ports
Allows users to access IT applications on all ports
Allows users in group "DMZ" lo access IT applications
Allows users in group "DMZ" lo access IT applications
Allows "any" users to access servers in the DMZ zone
Allows "any" users to access servers in the DMZ zone
Allows users in group "it" to access IT applications
Allows users in group "it" to access IT applications
Suggested answer: D
asked 23/09/2024
Najim Abdelmoula
51 questions

Question 145

Report Export Collapse

Which dynamic update type includes updated anti-spyware signatures?

Applications and Threats
Applications and Threats
GlobalProtect Data File
GlobalProtect Data File
Antivirus
Antivirus
PAN-DB
PAN-DB
Suggested answer: A
asked 23/09/2024
Jerin cherian
46 questions

Question 146

Report Export Collapse

Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

override
override
allow
allow
block
block
continue
continue
Suggested answer: B
asked 23/09/2024
M Kumar
43 questions

Question 147

Report Export Collapse

Palo Alto Networks PCNSA image Question 147 53962 09232024001155000000

Given the network diagram, traffic should be permitted for both Trusted and Guest users to access general Internet and DMZ servers using SSH. web-browsing and SSL applications Which policy achieves the desired results?

Suggested answer: B
asked 23/09/2024
Dimitar Krachunov
35 questions

Question 148

Report Export Collapse

Which action results in the firewall blocking network traffic without notifying the sender?

Deny
Deny
No notification
No notification
Drop
Drop
Reset Client
Reset Client
Suggested answer: C
asked 23/09/2024
Thiago B
45 questions

Question 149

Report Export Collapse

Which type of profile must be applied to the Security policy rule to protect against buffer overflows illegal code execution and other attempts to exploit system flaws''

anti-spyware
anti-spyware
URL filtering
URL filtering
vulnerability protection
vulnerability protection
file blocking
file blocking
Suggested answer: C
Explanation:

Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interfacehelp/objects/objects-security-profiles-vulnerability-protection.html

asked 23/09/2024
Jesse Serrano
39 questions

Question 150

Report Export Collapse

An administrator is reviewing another administrator s Security policy log settings Which log setting configuration is consistent with best practices tor normal traffic?

Log at Session Start and Log at Session End both enabled
Log at Session Start and Log at Session End both enabled
Log at Session Start disabled Log at Session End enabled
Log at Session Start disabled Log at Session End enabled
Log at Session Start enabled Log at Session End disabled
Log at Session Start enabled Log at Session End disabled
Log at Session Start and Log at Session End both disabled
Log at Session Start and Log at Session End both disabled
Suggested answer: B
asked 23/09/2024
KENEILWE DITHLAGE
47 questions
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)