File Info
| Exam | Palo Alto Networks Certified Network Security Administrator |
| Number | PCNSA |
| File Name | Palo Alto Networks Certified Network Security Administrator.Prep4sure.PCNSA.2019-09-11.1e.38q.vcex |
| Size | 742 Kb |
| Posted | September 11, 2019 |
| Downloads | 38 |
| Download | Palo Alto Networks Certified Network Security Administrator.Prep4sure.PCNSA.2019-09-11.1e.38q.vcex |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
Which two configuration settings shown are not the default? (Choose two.)
- A: Enable Security Log
- B: Server Log Monitor Frequency (sec)
- C: Enable Session
- D: Enable Probing
Correct Answer: BC
Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?
- A: Signature Matching
- B: Network Processing
- C: Security Processing
- D: Security Matching
Correct Answer: A
Which option shows the attributes that are selectable when setting up application filters?
- A: Category, Subcategory, Technology, and Characteristic
- B: Category, Subcategory, Technology, Risk, and Characteristic
- C: Name, Category, Technology, Risk, and Characteristic
- D: Category, Subcategory, Risk, Standard Ports, and Technology
Correct Answer: B
Actions can be set for which two items in a URL filtering security profile? (Choose two.)
- A: Block List
- B: Custom URL Categories
- C: PAN-DB URL Categories
- D: Allow List
Correct Answer: AD
Which statement is true regarding a Best Practice Assessment?
- A: The BPA tool can be run only on firewalls
- B: It provides a percentage of adoption for each assessment area
- C: The assessment, guided by an experienced sales engineer, helps determine the areas of greatest risk where you should focus prevention activities
- D: It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture
Correct Answer: B
Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?
- A: intrazone-default
- B: Deny Google
- C: allowed-security services
- D: interzone-default
Correct Answer: D
Which interface does not require a MAC or IP address?
- A: Virtual Wire
- B: Layer3
- C: Layer2
- D: Loopback
Correct Answer: A
A company moved its old port-based firewall to a new Palo Alto Networks NGFW 60 days ago. Which utility should the company use to identify out-of-date or unused rules on the firewall?
- A: Rule Usage Filter > No App Specified
- B: Rule Usage Filter >Hit Count > Unused in 30 days
- C: Rule Usage Filter > Unused Apps
- D: Rule Usage Filter > Hit Count > Unused in 90 days
Correct Answer: D
Order the steps needed to create a new security zone with a Palo Alto Networks firewall.
Correct Answer: Exam simulator is required
What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)
- A: An implicit dependency does not require the dependent application to be added in the security policy
- B: An implicit dependency requires the dependent application to be added in the security policy
- C: An explicit dependency does not require the dependent application to be added in the security policy
- D: An explicit dependency requires the dependent application to be added in the security policy
Correct Answer: AD
