Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 21

Which built-in IP address EDL would be useful for preventing traffic from IP addresses that are verified as unsafe based on WildFire analysis Unit 42 research and data gathered from telemetry?

The compliance officer requests that all evasive applications need to be blocked on all perimeter firewalls out to the internet The firewall is configured with two zones; 1. trust for internal networks 2. untrust to the internet Based on the capabilities of the Palo Alto Networks NGFW, what are two ways to configure a security policy using App-ID to comply with this request? (Choose two )

What must be configured before setting up Credential Phishing Prevention?

What allows a security administrator to preview the Security policy rules that match new application signatures?

Which statement best describes the use of Policy Optimizer?

An address object of type IP Wildcard Mask can be referenced in which part of the configuration?

An administrator would like to determine the default deny action for the application dns-over-httpsWhich action would yield the information?

An administrator needs to create a Security policy rule that matches DNS traffic within the LAN zone, and also needs to match DNS traffic within the DMZ zone The administrator does not want to allow traffic between the DMZ and LAN zones.

Which Security policy rule type should they use?

DRAG DROP

Match the Palo Alto Networks Security Operating Platform architecture to its description.