Complete list of current Q & A>> Download Palo Alto Network Certified Network Security Administrator (PCNSA) – Quiz 1 / 15 1. Which Security profile would you apply to identify infected hosts on the protected network using DNS traffic? A. URL traffic B. vulnerability protection C. anti-spyware D. antivirus 2 / 15 2. You receive notification about new malware that is being used to attack hosts The malware exploits a software bug in a common application Which Security Profile detects and blocks access to this threat after you update the firewall’s threat signature database? A. Data Filtering Profile applied to outbound Security policy rules B. Antivirus Profile applied to outbound Security policy rules C. Data Filtering Profile applied to inbound Security policy rules D. Vulnerability Profile applied to inbound Security policy rules 3 / 15 3. The CFO found a malware infected USB drive in the parking lot, which when inserted infected their corporate laptop the malware contacted a known command-and-control server which exfiltrating corporate data. Which Security profile feature could have been used to prevent the communications with the command-and-control server? A. Create a Data Filtering Profile and enable its DNS sinkhole feature B. Create an Antivirus Profile and enable its DNS sinkhole feature. C. Create an Anti-Spyware Profile and enable its DNS sinkhole feature. D. Create a URL Filtering Profile and block the DNS sinkhole URL category. 4 / 15 4. Which license must an administrator acquire prior to downloading Antivirus updates for use with the firewall? A. URL filtering B. Antivirus C. WildFire D. Threat Prevention 5 / 15 5. Which two Palo Alto Networks security management tools provide a consolidated creation of policies, centralized management and centralized threat intelligence. (Choose two.) A. GlobalProtect B. Panorama C. Aperture D. AutoFocus 6 / 15 6. Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone? A. global B. intrazone C. interzone D. universal 7 / 15 7. Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources? A. Windows-based agent deployed on the internal network B. PAN-OS integrated agent deployed on the internal network C. Citrix terminal server deployed on the internal network D. Windows-based agent deployed on each of the WAN Links 8 / 15 8. What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.) A. An implicit dependency does not require the dependent application to be added in the security policy B. An implicit dependency requires the dependent application to be added in the security policy C. An explicit dependency does not require the dependent application to be added in the security policy D. An explicit dependency requires the dependent application to be added in the security policy 9 / 15 9. Which statement is true regarding a Best Practice Assessment? A. The BPA tool can be run only on firewalls B. It provides a percentage of adoption for each assessment data C. The assessment, guided by an experienced sales engineer, helps determine the areas of greatest risk where you should focus prevention activities D. It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture 10 / 15 10. Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory? A. Windows session monitoring via a domain controller B. passive server monitoring using the Windows-based agent C. Captive Portal D. passive server monitoring using a PAN-OS integrated User-ID agent 11 / 15 11. Actions can be set for which two items in a URL filtering security profile? (Choose two.) A. Block List B. Custom URL Categories C. PAN-DB URL Categories D. Allow List 12 / 15 12. How many zones can an interface be assigned with a Palo Alto Networks firewall? A. two B. three C. four D. one 13 / 15 13. Which firewall plane provides configuration, logging, and reporting functions on a separate processor? A. control B. network processing C. data D. security processing 14 / 15 14. Which three filter columns are available when setting up an Application Filter? (Choose three.) A. Parent App B. Category C. Risk D. Standard Ports E. Subcategory 15 / 15 15. Which interface type requires no routing or switching but applies Security or NAT policy rules before passing allowed traffic? A. Layer 3 B. Virtual Wire C. Tap D. Layer 2 Your score is 0% Restart quiz Send feedback
