ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCNSA

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 5

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)
An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
Which statement is true about Panorama managed devices?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)

Question 41

Report
Export
Collapse

Given the scenario, which two statements are correct regarding multiple static default routes?

(Choose two.)

A.
Path monitoring does not determine if route is useable
A.
Path monitoring does not determine if route is useable
Answers
B.
Route with highest metric is actively used
B.
Route with highest metric is actively used
Answers
C.
Path monitoring determines if route is useable
C.
Path monitoring determines if route is useable
Answers
D.
Route with lowest metric is actively used
D.
Route with lowest metric is actively used
Answers
Suggested answer: C, D

Question 42

Report
Export
Collapse

Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate malicious code against a targeted machine.

A.
Exploitation
A.
Exploitation
Answers
B.
Installation
B.
Installation
Answers
C.
Reconnaissance
C.
Reconnaissance
Answers
D.
Act on Objective
D.
Act on Objective
Answers
Suggested answer: A

Question 43

Report
Export
Collapse

Which file is used to save the running configuration with a Palo Alto Networks firewall?

A.
running-config.xml
A.
running-config.xml
Answers
B.
run-config.xml
B.
run-config.xml
Answers
C.
running-configuration.xml
C.
running-configuration.xml
Answers
D.
run-configuratin.xml
D.
run-configuratin.xml
Answers
Suggested answer: A

Question 44

Report
Export
Collapse

In the example security policy shown, which two websites blocked? (Choose two.)

A.
LinkedIn
A.
LinkedIn
Answers
B.
Facebook
B.
Facebook
Answers
C.
YouTube
C.
YouTube
Answers
D.
Amazon
D.
Amazon
Answers
Suggested answer: A, B

Question 45

Report
Export
Collapse

Which two Palo Alto Networks security management tools provide a consolidated creation of policies, centralized management and centralized threat intelligence. (Choose two.)

A.
GlobalProtect
A.
GlobalProtect
Answers
B.
Panorama
B.
Panorama
Answers
C.
Aperture
C.
Aperture
Answers
D.
AutoFocus
D.
AutoFocus
Answers
Suggested answer: B, D

Question 46

Report
Export
Collapse

Which statement is true regarding a Prevention Posture Assessment?

A.
The Security Policy Adoption Heatmap component filters the information by device groups, serial numbers, zones, areas of architecture, and other categories
A.
The Security Policy Adoption Heatmap component filters the information by device groups, serial numbers, zones, areas of architecture, and other categories
Answers
B.
It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture
B.
It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture
Answers
C.
It provides a percentage of adoption for each assessment area
C.
It provides a percentage of adoption for each assessment area
Answers
D.
It performs over 200 security checks on Panorama/firewall for the assessment
D.
It performs over 200 security checks on Panorama/firewall for the assessment
Answers
Suggested answer: B

Question 47

Report
Export
Collapse

Which five Zero Trust concepts does a Palo Alto Networks firewall apply to achieve an integrated approach to prevent threats? (Choose five.)

A.
User identification
A.
User identification
Answers
B.
Filtration protection
B.
Filtration protection
Answers
C.
Vulnerability protection
C.
Vulnerability protection
Answers
D.
Antivirus
D.
Antivirus
Answers
E.
Application identification
E.
Application identification
Answers
F.
Anti-spyware
F.
Anti-spyware
Answers
Suggested answer: A, C, D, E, F

Question 48

Report
Export
Collapse

The PowerBall Lottery has reached a high payout amount and a company has decided to help employee morale by allowing employees to check the number, but doesn't want to unblock the gambling URL category.

Which two methods will allow the employees to get to the PowerBall Lottery site without the company unlocking the gambling URL category? (Choose two.)

A.
Add all the URLs from the gambling category except powerball.com to the block list and then set the action for the gambling category to allow.
A.
Add all the URLs from the gambling category except powerball.com to the block list and then set the action for the gambling category to allow.
Answers
B.
Manually remove powerball.com from the gambling URL category.
B.
Manually remove powerball.com from the gambling URL category.
Answers
C.
Add *.powerball.com to the allow list
C.
Add *.powerball.com to the allow list
Answers
D.
Create a custom URL category called PowerBall and add *.powerball.com to the category and set the action to allow.
D.
Create a custom URL category called PowerBall and add *.powerball.com to the category and set the action to allow.
Answers
Suggested answer: C, D

Question 49

Report
Export
Collapse

Which service protects cloud-based applications such as Dropbox and Salesforce by administering permissions and scanning files for sensitive information?

A.
Aperture
A.
Aperture
Answers
B.
AutoFocus
B.
AutoFocus
Answers
C.
Parisma SaaS
C.
Parisma SaaS
Answers
D.
GlobalProtect
D.
GlobalProtect
Answers
Suggested answer: C

Question 50

Report
Export
Collapse

Which administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server.

Which security profile components will detect and prevent this threat after the firewall`s signature database has been updated?

A.
antivirus profile applied to outbound security policies
A.
antivirus profile applied to outbound security policies
Answers
B.
data filtering profile applied to inbound security policies
B.
data filtering profile applied to inbound security policies
Answers
C.
data filtering profile applied to outbound security policies
C.
data filtering profile applied to outbound security policies
Answers
D.
vulnerability profile applied to inbound security policies
D.
vulnerability profile applied to inbound security policies
Answers
Suggested answer: C
Total 362 questions
Go to page: of 37
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms