ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 19

List of questions

Question 181

Report Export Collapse

What two authentication methods on the Palo Alto Networks firewalls support authentication and authorization for role-based access control? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 182

Report Export Collapse

Choose the option that correctly completes this statement. A Security Profile can block or allow traffic ____________.

Become a Premium Member for full access
  Unlock Premium Member

Question 183

Report Export Collapse

Palo Alto Networks PCNSA image Question 183 53998 09232024001155000000

Given the topology, which zone type should you configure for firewall interface E1/1?

Become a Premium Member for full access
  Unlock Premium Member

Question 184

Report Export Collapse

Which two features can be used to tag a username so that it is included in a dynamic user group?

(Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 185

Report Export Collapse

For the firewall to use Active Directory to authenticate users, which Server Profile is required in the Authentication Profile?

Become a Premium Member for full access
  Unlock Premium Member

Question 186

Report Export Collapse

Which type of security policy rule will match traffic that flows between the Outside zone and inside zone, but would not match traffic that flows within the zones?

Become a Premium Member for full access
  Unlock Premium Member

Question 187

Report Export Collapse

Which license is required to use the Palo Alto Networks built-in IP address EDLs?

Become a Premium Member for full access
  Unlock Premium Member

Question 188

Report Export Collapse

Which component is a building block in a Security policy rule?

Become a Premium Member for full access
  Unlock Premium Member

Question 189

Report Export Collapse

An administrator would like to use App-ID's deny action for an application and would like that action updated with dynamic updates as new content becomes available.

Which security policy action causes this?

Become a Premium Member for full access
  Unlock Premium Member

Question 190

Report Export Collapse

Which DNS Query action is recommended for traffic that is allowed by Security policy and matches Palo Alto Networks Content DNS Signatures?

Become a Premium Member for full access
  Unlock Premium Member
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)