ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?

DoS protection
DoS protection
URL filtering
URL filtering
packet buffering
packet buffering
anti-spyware
anti-spyware
Suggested answer: A
asked 23/09/2024
Farrah Colson
39 questions

Question 62

Report Export Collapse

Which path in PAN-OS 10.0 displays the list of port-based security policy rules?

Policies> Security> Rule Usage> No App Specified
Policies> Security> Rule Usage> No App Specified
Policies> Security> Rule Usage> Port only specified
Policies> Security> Rule Usage> Port only specified
Policies> Security> Rule Usage> Port-based Rules
Policies> Security> Rule Usage> Port-based Rules
Policies> Security> Rule Usage> Unused Apps
Policies> Security> Rule Usage> Unused Apps
Suggested answer: A
Explanation:

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/app-id/security-policy-ruleoptimization/migrate-port-based-to-app-id-based-security-policy-rules.html

asked 23/09/2024
Jorge Diaz
38 questions

Question 63

Report Export Collapse

Which two components are utilized within the Single-Pass Parallel Processing architecture on a Palo Alto Networks Firewall? (Choose two.)

Layer-ID
Layer-ID
User-ID
User-ID
QoS-ID
QoS-ID
App-ID
App-ID
Suggested answer: B, D
asked 23/09/2024
Sumit Dhar
52 questions

Question 64

Report Export Collapse

Which path is used to save and load a configuration with a Palo Alto Networks firewall?

Device>Setup>Services
Device>Setup>Services
Device>Setup>Management
Device>Setup>Management
Device>Setup>Operations
Device>Setup>Operations
Device>Setup>Interfaces
Device>Setup>Interfaces
Suggested answer: C
asked 23/09/2024
Kabi Bashala
42 questions

Question 65

Report Export Collapse

Which action related to App-ID updates will enable a security administrator to view the existing security policy rule that matches new application signatures?

Review Policies
Review Policies
Review Apps
Review Apps
Pre-analyze
Pre-analyze
Review App Matches
Review App Matches
Suggested answer: A
Explanation:

References:

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/app-id/manage-new-app-idsintroduced-incontent-releases/review-new-app-id-impact-on- existing-policy-rules

asked 23/09/2024
Kevin Collins
36 questions

Question 66

Report Export Collapse

How is the hit count reset on a rule?

select a security policy rule, right click Hit Count > Reset
select a security policy rule, right click Hit Count > Reset
with a dataplane reboot
with a dataplane reboot
Device > Setup > Logging and Reporting Settings > Reset Hit Count
Device > Setup > Logging and Reporting Settings > Reset Hit Count
in the CLI, type command reset hitcount <POLICY-NAME>
in the CLI, type command reset hitcount <POLICY-NAME>
Suggested answer: A
asked 23/09/2024
shikeba barakzei
37 questions

Question 67

Report Export Collapse

Palo Alto Networks PCNSA image Question 67 53882 09232024001155000000

Given the topology, which zone type should interface E1/1 be configured with?

Tap
Tap
Tunnel
Tunnel
Virtual Wire
Virtual Wire
Layer3
Layer3
Suggested answer: A
asked 23/09/2024
Henry R L Thom
37 questions

Question 68

Report Export Collapse

Which interface type is part of a Layer 3 zone with a Palo Alto Networks firewall?

Management
Management
High Availability
High Availability
Aggregate
Aggregate
Aggregation
Aggregation
Suggested answer: C
asked 23/09/2024
Johannes Bickel
62 questions

Question 69

Report Export Collapse

Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

intrazone
intrazone
interzone
interzone
universal
universal
global
global
Suggested answer: B
asked 23/09/2024
Daniel williams
60 questions

Question 70

Report Export Collapse

Based on the show security policy rule would match all FTP traffic from the inside zone to the outside zone?

Palo Alto Networks PCNSA image Question 70 53885 09232024001155000000

internal-inside-dmz
internal-inside-dmz
engress outside
engress outside
inside-portal
inside-portal
intercone-default
intercone-default
Suggested answer: B
asked 23/09/2024
Sasa Korlat
37 questions
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)