Home

Home / Palo Alto Networks / PCNSA

Question list

List of questions

Question 1

(0)

Which firewall plane provides configuration, logging, and reporting functions on a separate processor?

Question 2

(0)

A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base. On a conten

Question 3

(0)

How many zones can an interface be assigned with a Palo Alto Networks firewall?

Question 4

(0)

Which two configuration settings shown are not the default? (Choose two.)

Question 5

(0)

Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?

Question 6

(0)

Which option lists the attributes that are selectable when setting up an Application filters?

Question 7

(0)

Actions can be set for which two items in a URL filtering security profile? (Choose two.)

Question 8

(0)

Which two statements are correct about App-ID content updates? (Choose two.)

Question 9

(0)

Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

Question 10

(0)

An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment?

Open VPLUS File

Convert VPLUS to PDF

Related questions

Which action would an administrator take to ensure that a service object will be available only to the selected device group?

Which type of DNS signatures are used by the firewall to identify malicious and command-and-control domains?

An administrator needs to add capability to perform real-time signature lookups to block or sinkhole all known malware domains. Which type of single unified engine will get this result?

Which order of steps is the correct way to create a static route?

Which statement is true about Panorama managed devices?

What are three valid source or D=destination conditions available as Security policy qualifiers? (Choose three.)

An administrator is updating Security policy to align with best practices. Which Policy Optimizer feature is shown in the screenshot below?

Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)

Which security profile will provide the best protection against ICMP floods, based on individual combinations of a packet`s source and destination IP address?

Review the Screenshot: Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the SERVER zone to the DMZ on SSH only. Which rule group enables the required traffic? A) B) C) D)

Question 340 - PCNSA discussion

Report

What is the best-practice approach to logging traffic that traverses the firewall?

A.

Enable both log at session start and log at session end.

B.

Enable log at session start only.

C.

Enable log at session end only.

D.

Disable all logging options.

Show Answer

asked 23/09/2024

Calin-Alin Stoenescu

41 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first