ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 23

List of questions

Question 221

Report Export Collapse

Which statement is true regarding NAT rules?

Become a Premium Member for full access
  Unlock Premium Member

Question 222

Report Export Collapse

After making multiple changes to the candidate configuration of a firewall, the administrator would like to start over with a candidate configuration that matches the running configuration.

Which command in Device > Setup > Operations would provide the most operationally efficient way to accomplish this?

Become a Premium Member for full access
  Unlock Premium Member

Question 223

Report Export Collapse

An administrator is reviewing the Security policy rules shown in the screenshot below.

Which statement is correct about the information displayed?

Palo Alto Networks PCNSA image Question 223 54038 09232024001155000000

Become a Premium Member for full access
  Unlock Premium Member

Question 224

Report Export Collapse

What are the two default behaviors for the intrazone-default policy? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 225

Report Export Collapse

What are two valid selections within an Antivirus profile? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 226

Report Export Collapse

An administrator wants to create a NAT policy to allow multiple source IP addresses to be translated to the same public IP address. What is the most appropriate NAT policy to achieve this?

Become a Premium Member for full access
  Unlock Premium Member

Question 227

Report Export Collapse

Which action can be set in a URL Filtering Security profile to provide users temporary access to all websites in a given category using a provided password?

Become a Premium Member for full access
  Unlock Premium Member

Question 228

Report Export Collapse

What is a function of application tags?

Become a Premium Member for full access
  Unlock Premium Member

Question 229

Report Export Collapse

What are three Palo Alto Networks best practices when implementing the DNS Security Service?

(Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 230

Report Export Collapse

An administrator is investigating a log entry for a session that is allowed and has the end reason of aged-out. Which two fields could help in determining if this is normal? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)