ExamGecko
Login
Home / Palo Alto Networks / PCNSA / List of questions
Ask Question

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 8

List of questions

Question 71

Report Export Collapse

Which the app-ID application will you need to allow in your security policy to use facebook-chat?

facebook-email
facebook-email
facebook-base
facebook-base
facebook
facebook
facebook-chat
facebook-chat
Suggested answer: B, D
asked 23/09/2024
Shane Behrendt
38 questions

Question 72

Report Export Collapse

Which type security policy rule would match traffic flowing between the inside zone and outside zone within the inside zone and within the outside zone?

global
global
universal
universal
intrazone
intrazone
interzone
interzone
Suggested answer: B
asked 23/09/2024
Balazs Jarmy
56 questions

Question 73

Report Export Collapse

Based on the screenshot presented which column contains the link that when clicked opens a window to display all applications matched to the policy rule?

Palo Alto Networks PCNSA image Question 73 53888 09232024001155000000

Apps Allowed
Apps Allowed
Name
Name
Apps Seen
Apps Seen
Service
Service
Suggested answer: C
asked 23/09/2024
Mahmoud Ismail
38 questions

Question 74

Report Export Collapse

In a security policy what is the quickest way to rest all policy rule hit counters to zero?

Use the CLI enter the command reset rules all
Use the CLI enter the command reset rules all
Highlight each rule and use the Reset Rule Hit Counter > Selected Rules.
Highlight each rule and use the Reset Rule Hit Counter > Selected Rules.
use the Reset Rule Hit Counter > All Rules option.
use the Reset Rule Hit Counter > All Rules option.
Reboot the firewall.
Reboot the firewall.
Suggested answer: C
asked 23/09/2024
Amin Dashti
56 questions

Question 75

Report Export Collapse

What in the minimum frequency for which you can configure the firewall too check for new wildfire antivirus signatures?

every 5 minutes
every 5 minutes
every 1 minute
every 1 minute
every 24 hours
every 24 hours
every 30 minutes
every 30 minutes
Suggested answer: B
Explanation:

Palo Alto Networks PCNSA image Question 75 explanation 53890 09232024001155000000

asked 23/09/2024
Mohit Mohit
49 questions

Question 76

Report Export Collapse

What do dynamic user groups you to do?

create a QoS policy that provides auto-remediation for anomalous user behavior and malicious activity
create a QoS policy that provides auto-remediation for anomalous user behavior and malicious activity
create a policy that provides auto-sizing for anomalous user behavior and malicious activity
create a policy that provides auto-sizing for anomalous user behavior and malicious activity
create a policy that provides auto-remediation for anomalous user behavior and malicious activity
create a policy that provides auto-remediation for anomalous user behavior and malicious activity
create a dynamic list of firewall administrators
create a dynamic list of firewall administrators
Suggested answer: C
Explanation:

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamicusergroups#:~:text=Dynamic%20user%20groups%20help%20you,activity%20while%20maintaining%20user%20visibility.

asked 23/09/2024
Tyler Evans
47 questions

Question 77

Report Export Collapse

Which plane on a Palo alto networks firewall provides configuration logging and reporting functions on a separate processor?

data
data
network processing
network processing
management
management
security processing
security processing
Suggested answer: C
asked 23/09/2024
Earl Frederick
39 questions

Question 78

Report Export Collapse

Your company occupies one floor in a single building you have two active directory domain controllers on a single networks the firewall s management plane is only slightly utilized.

Which user-ID agent sufficient in your network?

PAN-OS integrated agent deployed on the firewall
PAN-OS integrated agent deployed on the firewall
Windows-based agent deployed on the internal network a domain member
Windows-based agent deployed on the internal network a domain member
Citrix terminal server agent deployed on the network
Citrix terminal server agent deployed on the network
Windows-based agent deployed on each domain controller
Windows-based agent deployed on each domain controller
Suggested answer: D
Explanation:

Reference:

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/user-id/map-ip-addresses-tousers/configureuser-mapping-using-the-windows-user-id- agent/configure-the-windows-based-userid-agent-for-usermapping.html

asked 23/09/2024
Siphiwe Soldat
39 questions

Question 79

Report Export Collapse

At which point in the app-ID update process can you determine if an existing policy rule is affected by an app-ID update?

after clicking Check New in the Dynamic Update window
after clicking Check New in the Dynamic Update window
after connecting the firewall configuration
after connecting the firewall configuration
after downloading the update
after downloading the update
after installing the update
after installing the update
Suggested answer: A
Explanation:

Reference: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-web-interfacehelp/device/device-dynamicupdates

asked 23/09/2024
leconte maxime
40 questions

Question 80

Report Export Collapse

Which Palo Alto network security operating platform component provides consolidated policy creation and centralized management?

Prisma SaaS
Prisma SaaS
Panorama
Panorama
AutoFocus
AutoFocus
GlobalProtect
GlobalProtect
Suggested answer: B
asked 23/09/2024
PHINIT LAORUNGRUANGDECH
50 questions
Total 362 questions
Go to page: of 37
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days. Based on the information, how is the SuperApp traffic affected after the 30 days have passed?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which firewall plane provides configuration, logging, and reporting functions on a separate processor?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)