ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCNSA

Palo Alto Networks PCNSA Practice Test - Questions Answers, Page 9

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which action would an administrator take to ensure that a service object will be available only to the selected device group?
Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?
An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?
Which order of steps is the correct way to create a static route?
Which statement is true about Panorama managed devices?
What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)
An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?
Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)
Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?
Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)

Question 81

Report
Export
Collapse

Which type firewall configuration contains in-progress configuration changes?

A.
backup
A.
backup
Answers
B.
running
B.
running
Answers
C.
candidate
C.
candidate
Answers
D.
committed
D.
committed
Answers
Suggested answer: C

Question 82

Report
Export
Collapse

Which link in the web interface enables a security administrator to view the security policy rules that match new application signatures?

A.
Review Apps
A.
Review Apps
Answers
B.
Review App Matches
B.
Review App Matches
Answers
C.
Pre-analyze
C.
Pre-analyze
Answers
D.
Review Policies
D.
Review Policies
Answers
Suggested answer: D

Question 83

Report
Export
Collapse

At which stage of the cyber-attack lifecycle would the attacker attach an infected PDF file to an email?

A.
delivery
A.
delivery
Answers
B.
command and control
B.
command and control
Answers
C.
explotation
C.
explotation
Answers
D.
reinsurance
D.
reinsurance
Answers
E.
installation
E.
installation
Answers
Suggested answer: A

Question 84

Report
Export
Collapse

How frequently can wildfire updates be made available to firewalls?

A.
every 15 minutes
A.
every 15 minutes
Answers
B.
every 30 minutes
B.
every 30 minutes
Answers
C.
every 60 minutes
C.
every 60 minutes
Answers
D.
every 5 minutes
D.
every 5 minutes
Answers
Suggested answer: D

Question 85

Report
Export
Collapse

Which data flow direction is protected in a zero trust firewall deployment that is not protected in a perimeter-only firewall deployment?

A.
outbound
A.
outbound
Answers
B.
north south
B.
north south
Answers
C.
inbound
C.
inbound
Answers
D.
east west
D.
east west
Answers
Suggested answer: D

Question 86

Report
Export
Collapse

How do you reset the hit count on a security policy rule?

A.
First disable and then re-enable the rule.
A.
First disable and then re-enable the rule.
Answers
B.
Reboot the data-plane.
B.
Reboot the data-plane.
Answers
C.
Select a Security policy rule, and then select Hit Count > Reset.
C.
Select a Security policy rule, and then select Hit Count > Reset.
Answers
D.
Type the CLI command reset hitcount <POLICY-NAME>.
D.
Type the CLI command reset hitcount <POLICY-NAME>.
Answers
Suggested answer: C

Question 87

Report
Export
Collapse

Which protocol used to map username to user groups when user-ID is configured?

A.
SAML
A.
SAML
Answers
B.
RADIUS
B.
RADIUS
Answers
C.
TACACS+
C.
TACACS+
Answers
D.
LDAP
D.
LDAP
Answers
Suggested answer: D

Question 88

Report
Export
Collapse

Based on the graphic which statement accurately describes the output shown in the server monitoring panel?

A.
The User-ID agent is connected to a domain controller labeled lab-client.
A.
The User-ID agent is connected to a domain controller labeled lab-client.
Answers
B.
The host lab-client has been found by the User-ID agent.
B.
The host lab-client has been found by the User-ID agent.
Answers
C.
The host lab-client has been found by a domain controller.
C.
The host lab-client has been found by a domain controller.
Answers
D.
The User-ID agent is connected to the firewall labeled lab-client.
D.
The User-ID agent is connected to the firewall labeled lab-client.
Answers
Suggested answer: A

Question 89

Report
Export
Collapse

Which three configuration settings are required on a Palo Alto networks firewall management interface?

A.
default gateway
A.
default gateway
Answers
B.
netmask
B.
netmask
Answers
C.
IP address
C.
IP address
Answers
D.
hostname
D.
hostname
Answers
E.
auto-negotiation
E.
auto-negotiation
Answers
Suggested answer: A, B, C

Explanation:

Reference:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClN7CAK

Question 90

Report
Export
Collapse

Which Palo Alto networks security operating platform service protects cloud-based application such as Dropbox and salesforce by monitoring permissions and shared and scanning files for Sensitive information?

A.
Prisma SaaS
A.
Prisma SaaS
Answers
B.
AutoFocus
B.
AutoFocus
Answers
C.
Panorama
C.
Panorama
Answers
D.
GlobalProtect
D.
GlobalProtect
Answers
Suggested answer: A
Total 362 questions
Go to page: of 37
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms