Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 25

An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released.

Which object should the administrator use as a match condition in the Security policy?

A network administrator is required to use a dynamic routing protocol for network connectivity.

Which three dynamic routing protocols are supported by the NGFW Virtual Router for this purpose?

(Choose three.)

Given the detailed log information above, what was the result of the firewall traffic inspection?

Which three interface deployment methods can be used to block traffic flowing through the Palo Alto Networks firewall? (Choose three.)

DRAG DROP

Match each rule type with its example

An administrator configured a Security policy rule where the matching condition includes a single application and the action is set to deny. What deny action will the firewall perform?

Which object would an administrator create to enable access to all applications in the officeprograms subcategory?

What do you configure if you want to set up a group of objects based on their ports alone?

View the diagram. What is the most restrictive, yet fully functional rule, to allow general Internet and SSH traffic into both the DMZ and Untrust/lnternet zones from each of the lOT/Guest and Trust Zones?