ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 29

Add to Whishlist

List of questions

Question 281

Report Export Collapse

Which User Credential Detection method should be applied within a URL Filtering Security profile to check for the submission of a valid corporate username and the associated password?

Become a Premium Member for full access
  Unlock Premium Member

Question 282

Report Export Collapse

Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic?

Become a Premium Member for full access
  Unlock Premium Member

Question 283

Report Export Collapse

If users from the Trusted zone need to allow traffic to an SFTP server in the DMZ zone, how should a Security policy with App-ID be configured?

Become a Premium Member for full access
  Unlock Premium Member

Question 284

Report Export Collapse

All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone.

Complete the empty field in the Security policy using an application object to permit only this type of access.

Source Zone: Internal -

Destination Zone: DMZ Zone -

Application: __________

Service: application-default -

Action: allow

Become a Premium Member for full access
  Unlock Premium Member

Question 285

Report Export Collapse

A network administrator created an intrazone Security policy rule on the firewall. The source zones were set to IT. Finance, and HR.

Which two types of traffic will the rule apply to? (Choose two)

Become a Premium Member for full access
  Unlock Premium Member

Question 286

Report Export Collapse

Which three filter columns are available when setting up an Application Filter? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 287

Report Export Collapse

What are three ways application characteristics are used? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 288

Report Export Collapse

Files are sent to the WildFire cloud service via the WildFire Analysis Profile. How are these files used?

Become a Premium Member for full access
  Unlock Premium Member

Question 289

Report Export Collapse

In which section of the PAN-OS GUI does an administrator configure URL Filtering profiles?

Become a Premium Member for full access
  Unlock Premium Member

Question 290

Report Export Collapse

By default, what is the maximum number of templates that can be added to a template stack?

Become a Premium Member for full access
  Unlock Premium Member
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)