ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 27

List of questions

Question 261

Report
Export
Collapse

Selecting the option to revert firewall changes will replace what settings?

The running configuration with settings from the candidate configuration
The running configuration with settings from the candidate configuration
The candidate configuration with settings from the running configuration
The candidate configuration with settings from the running configuration
The device state with settings from another configuration
The device state with settings from another configuration
Dynamic update scheduler settings
Dynamic update scheduler settings
Suggested answer: A
asked 23/09/2024
Nora Daniels
36 questions

Question 262

Report
Export
Collapse

What can be used as match criteria for creating a dynamic address group?

Usernames
Usernames
IP addresses
IP addresses
Tags
Tags
MAC addresses
MAC addresses
Suggested answer: C
asked 23/09/2024
Gerrit Struik
54 questions

Question 263

Report
Export
Collapse

An administrator needs to allow users to use only certain email applications.

How should the administrator configure the firewall to restrict users to specific email applications?

Create an application filter and filter it on the collaboration category, email subcategory.
Create an application filter and filter it on the collaboration category, email subcategory.
Create an application group and add the email applications to it.
Create an application group and add the email applications to it.
Create an application filter and filter it on the collaboration category.
Create an application filter and filter it on the collaboration category.
Create an application group and add the email category to it.
Create an application group and add the email category to it.
Suggested answer: B
asked 23/09/2024
Nathan Phelan
48 questions

Question 264

Report
Export
Collapse

An administrator has an IP address range in the external dynamic list and wants to create an exception for one specific IP address in this address range.

Which steps should the administrator take?

Add the address range to the Manual Exceptions list and exclude the IP address by selecting the entry.
Add the address range to the Manual Exceptions list and exclude the IP address by selecting the entry.
Add each IP address in the range as a list entry and then exclude the IP address by adding it to the Manual Exceptions list.
Add each IP address in the range as a list entry and then exclude the IP address by adding it to the Manual Exceptions list.
Select the address range in the List Entries list. A column will open with the IP addresses. Select the entry to exclude.
Select the address range in the List Entries list. A column will open with the IP addresses. Select the entry to exclude.
Add the specific IP address from the address range to the Manual Exceptions list by using regular expressions to define the entry.
Add the specific IP address from the address range to the Manual Exceptions list by using regular expressions to define the entry.
Suggested answer: D
asked 23/09/2024
Quoc Nguyen
43 questions

Question 265

Report
Export
Collapse

An administrator is implementing an exception to an external dynamic list by adding an entry to the list manually. The administrator wants to save the changes, but the OK button is grayed out.

What are two possible reasons the OK button is grayed out? (Choose two.)

The entry contains wildcards.
The entry contains wildcards.
The entry is duplicated.
The entry is duplicated.
The entry doesn't match a list entry.
The entry doesn't match a list entry.
The entry matches a list entry.
The entry matches a list entry.
Suggested answer: B, C
asked 23/09/2024
Steven Reyes
37 questions

Question 266

Report
Export
Collapse

An administrator is updating Security policy to align with best practices.

Which Policy Optimizer feature is shown in the screenshot below?

Palo Alto Networks PCNSA image Question 266 54081 09232024001155000000

Rules without App Controls
Rules without App Controls
New App Viewer
New App Viewer
Rule Usage
Rule Usage
Unused Unused Apps
Unused Unused Apps
Suggested answer: C
asked 23/09/2024
Antonio Rodriguez
40 questions

Question 267

Report
Export
Collapse

By default, which action is assigned to the interzone-default rule?

Reset-client
Reset-client
Reset-server
Reset-server
Deny
Deny
Allow
Allow
Suggested answer: C
asked 23/09/2024
Brandy Butman
34 questions

Question 268

Report
Export
Collapse

Which two matching criteria are used when creating a Security policy involving NAT? (Choose two.)

Post-NAT address
Post-NAT address
Post-NAT zone
Post-NAT zone
Pre-NAT zone
Pre-NAT zone
Pre-NAT address
Pre-NAT address
Suggested answer: B, D
asked 23/09/2024
EduBP srl De Sanctis
35 questions

Question 269

Report
Export
Collapse

What are three valid information sources that can be used when tagging users to dynamic user groups? (Choose three.)

Blometric scanning results from iOS devices
Blometric scanning results from iOS devices
Firewall logs
Firewall logs
Custom API scripts
Custom API scripts
Security Information and Event Management Systems (SIEMS), such as Splun
Security Information and Event Management Systems (SIEMS), such as Splun
DNS Security service
DNS Security service
Suggested answer: B, C, E
asked 23/09/2024
FRANK THYS
38 questions

Question 270

Report
Export
Collapse

What is the maximum volume of concurrent administrative account sessions?

Unlimited
Unlimited
2
2
10
10
1
1
Suggested answer: C
asked 23/09/2024
Thao Nguyen
46 questions
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)