ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 4

Add to Whishlist

List of questions

Question 31

Report Export Collapse

Which interface type is used to monitor traffic and cannot be used to perform traffic shaping?

Layer 2
Layer 2
Tap
Tap
Layer 3
Layer 3
Virtual Wire
Virtual Wire
Suggested answer: B
asked 23/09/2024
Lipon Uddin
42 questions

Question 32

Report Export Collapse

Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?

Root
Root
Dynamic
Dynamic
Role-based
Role-based
Superuser
Superuser
Suggested answer: C
asked 23/09/2024
Shaun Kilmartin
31 questions

Question 33

Report Export Collapse

Which administrator type utilizes predefined roles for a local administrator account?

Superuser
Superuser
Role-based
Role-based
Dynamic
Dynamic
Device administrator
Device administrator
Suggested answer: C
Explanation:

References:

asked 23/09/2024
Gilbert Ciepluch
60 questions

Question 34

Report Export Collapse

Which two security profile types can be attached to a security policy? (Choose two.)

antivirus
antivirus
DDoS protection
DDoS protection
threat
threat
vulnerability
vulnerability
Suggested answer: A, D
Explanation:

References:

asked 23/09/2024
Farid Tannouch
40 questions

Question 35

Report Export Collapse

The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.

Which security profile feature could have been used to prevent the communication with the CnC server?

Create an anti-spyware profile and enable DNS Sinkhole
Create an anti-spyware profile and enable DNS Sinkhole
Create an antivirus profile and enable DNS Sinkhole
Create an antivirus profile and enable DNS Sinkhole
Create a URL filtering profile and block the DNS Sinkhole category
Create a URL filtering profile and block the DNS Sinkhole category
Create a security policy and enable DNS Sinkhole
Create a security policy and enable DNS Sinkhole
Suggested answer: A
Explanation:

References:

asked 23/09/2024
Elena Albu
44 questions

Question 36

Report Export Collapse

Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

Active Directory monitoring
Active Directory monitoring
Windows session monitoring
Windows session monitoring
Windows client probing
Windows client probing
domain controller monitoring
domain controller monitoring
Suggested answer: A
asked 23/09/2024
Vladimir Kornfeld
48 questions

Question 37

Report Export Collapse

What are three differences between security policies and security profiles? (Choose three.)

Security policies are attached to security profiles
Security policies are attached to security profiles
Security profiles are attached to security policies
Security profiles are attached to security policies
Security profiles should only be used on allowed traffic
Security profiles should only be used on allowed traffic
Security profiles are used to block traffic by themselves
Security profiles are used to block traffic by themselves
Security policies can block or allow traffic
Security policies can block or allow traffic
Suggested answer: B, C, E
asked 23/09/2024
Abdulilah Alhousainy
45 questions

Question 38

Report Export Collapse

Given the image, which two options are true about the Security policy rules. (Choose two.)

Palo Alto Networks PCNSA image Question 38 53853 09232024001155000000

The Allow Office Programs rule is using an Application Filter
The Allow Office Programs rule is using an Application Filter
In the Allow FTP to web server rule, FTP is allowed using App-ID
In the Allow FTP to web server rule, FTP is allowed using App-ID
The Allow Office Programs rule is using an Application Group
The Allow Office Programs rule is using an Application Group
In the Allow Social Networking rule, allows all of Facebook's functions
In the Allow Social Networking rule, allows all of Facebook's functions
Suggested answer: A, D
Explanation:

In the Allow FTP to web server rule, FTP is allowed using port based rule and not APP-ID.

asked 23/09/2024
DANNY GARCIA
41 questions

Question 39

Report Export Collapse

Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

global
global
intrazone
intrazone
interzone
interzone
universal
universal
Suggested answer: D
Explanation:

References:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClomCAC

asked 23/09/2024
safiqueahmed kazi
42 questions

Question 40

Report Export Collapse

Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?

GlobalProtect
GlobalProtect
AutoFocus
AutoFocus
Aperture
Aperture
Panorama
Panorama
Suggested answer: A
asked 23/09/2024
Ubeydullah Kara
41 questions
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)