ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCNSA

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 8

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which statement is true about Panorama managed devices?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)
An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)

Question 71

Report
Export
Collapse

Which the app-ID application will you need to allow in your security policy to use facebook-chat?

A.
facebook-email
A.
facebook-email
Answers
B.
facebook-base
B.
facebook-base
Answers
C.
facebook
C.
facebook
Answers
D.
facebook-chat
D.
facebook-chat
Answers
Suggested answer: B, D

Question 72

Report
Export
Collapse

Which type security policy rule would match traffic flowing between the inside zone and outside zone within the inside zone and within the outside zone?

A.
global
A.
global
Answers
B.
universal
B.
universal
Answers
C.
intrazone
C.
intrazone
Answers
D.
interzone
D.
interzone
Answers
Suggested answer: B

Question 73

Report
Export
Collapse

Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

A.
Apps Allowed
A.
Apps Allowed
Answers
B.
Name
B.
Name
Answers
C.
Apps Seen
C.
Apps Seen
Answers
D.
Service
D.
Service
Answers
Suggested answer: C

Question 74

Report
Export
Collapse

In a security policy what is the quickest way to rest all policy rule hit counters to zero?

A.
Use the CLI enter the command reset rules all
A.
Use the CLI enter the command reset rules all
Answers
B.
Highlight each rule and use the Reset Rule Hit Counter > Selected Rules.
B.
Highlight each rule and use the Reset Rule Hit Counter > Selected Rules.
Answers
C.
use the Reset Rule Hit Counter > All Rules option.
C.
use the Reset Rule Hit Counter > All Rules option.
Answers
D.
Reboot the firewall.
D.
Reboot the firewall.
Answers
Suggested answer: C

Question 75

Report
Export
Collapse

What in the minimum frequency for which you can configure the firewall too check for new wildfire antivirus signatures?

A.
every 5 minutes
A.
every 5 minutes
Answers
B.
every 1 minute
B.
every 1 minute
Answers
C.
every 24 hours
C.
every 24 hours
Answers
D.
every 30 minutes
D.
every 30 minutes
Answers
Suggested answer: B

Explanation:

Question 76

Report
Export
Collapse

What do dynamic user groups you to do?

A.
create a QoS policy that provides auto-remediation for anomalous user behavior and malicious activity
A.
create a QoS policy that provides auto-remediation for anomalous user behavior and malicious activity
Answers
B.
create a policy that provides auto-sizing for anomalous user behavior and malicious activity
B.
create a policy that provides auto-sizing for anomalous user behavior and malicious activity
Answers
C.
create a policy that provides auto-remediation for anomalous user behavior and malicious activity
C.
create a policy that provides auto-remediation for anomalous user behavior and malicious activity
Answers
D.
create a dynamic list of firewall administrators
D.
create a dynamic list of firewall administrators
Answers
Suggested answer: C

Explanation:

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamicusergroups#:~:text=Dynamic%20user%20groups%20help%20you,activity%20while%20maintaining%20user%20visibility.

Question 77

Report
Export
Collapse

Which plane on a Palo alto networks firewall provides configuration logging and reporting functions on a separate processor?

A.
data
A.
data
Answers
B.
network processing
B.
network processing
Answers
C.
management
C.
management
Answers
D.
security processing
D.
security processing
Answers
Suggested answer: C

Question 78

Report
Export
Collapse

Your company occupies one floor in a single building you have two active directory domain controllers on a single networks the firewall s management plane is only slightly utilized.

Which user-ID agent sufficient in your network?

A.
PAN-OS integrated agent deployed on the firewall
A.
PAN-OS integrated agent deployed on the firewall
Answers
B.
Windows-based agent deployed on the internal network a domain member
B.
Windows-based agent deployed on the internal network a domain member
Answers
C.
Citrix terminal server agent deployed on the network
C.
Citrix terminal server agent deployed on the network
Answers
D.
Windows-based agent deployed on each domain controller
D.
Windows-based agent deployed on each domain controller
Answers
Suggested answer: D

Explanation:

Reference:

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/user-id/map-ip-addresses-tousers/configureuser-mapping-using-the-windows-user-id- agent/configure-the-windows-based-userid-agent-for-usermapping.html

Question 79

Report
Export
Collapse

At which point in the app-ID update process can you determine if an existing policy rule is affected by an app-ID update?

A.
after clicking Check New in the Dynamic Update window
A.
after clicking Check New in the Dynamic Update window
Answers
B.
after connecting the firewall configuration
B.
after connecting the firewall configuration
Answers
C.
after downloading the update
C.
after downloading the update
Answers
D.
after installing the update
D.
after installing the update
Answers
Suggested answer: A

Explanation:

Reference: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-web-interfacehelp/device/device-dynamicupdates

Question 80

Report
Export
Collapse

Which Palo Alto network security operating platform component provides consolidated policy creation and centralized management?

A.
Prisma SaaS
A.
Prisma SaaS
Answers
B.
Panorama
B.
Panorama
Answers
C.
AutoFocus
C.
AutoFocus
Answers
D.
GlobalProtect
D.
GlobalProtect
Answers
Suggested answer: B
Total 362 questions
Go to page: of 37
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms