Download Palo Alto Networks Certified Network Security Administrator.train4sure.PCNSA.2019-12-04.1e.44q.vcex

Download Exam

File Info

Exam Palo Alto Networks Certified Network Security Administrator
Number PCNSA
File Name Palo Alto Networks Certified Network Security Administrator.train4sure.PCNSA.2019-12-04.1e.44q.vcex
Size 793 Kb
Posted December 04, 2019
Downloads 109
Download Palo Alto Networks Certified Network Security Administrator.train4sure.PCNSA.2019-12-04.1e.44q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Which firewall plane provides configuration, logging, and reporting functions on a separate processor?

  • A: control
  • B: network processing
  • C: data
  • D: security processing

Correct Answer: A




Question 2

A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified by App-ID as SuperApp_base.  
On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days.  
Based on the information, how is the SuperApp traffic affected after the 30 days have passed?

  • A: All traffic matching the SuperApp_chat, and SuperApp_download is denied because it no longer matches the SuperApp-base application
  • B: No impact because the apps were automatically downloaded and installed
  • C: No impact because the firewall automatically adds the rules to the App-ID interface
  • D: All traffic matching the SuperApp_base, SuperApp_chat, and SuperApp_download is denied until the security administrator approves the applications

Correct Answer: C




Question 3

How many zones can an interface be assigned with a Palo Alto Networks firewall?

  • A: two
  • B: three
  • C: four
  • D: one

Correct Answer: D

Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interface-help/network/network-zones/security-zone-overview




Question 4

Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall?  

  

  • A: Signature Matching
  • B: Network Processing
  • C: Security Processing
  • D: Security Matching

Correct Answer: A




Question 5

Which two statements are correct about App-ID content updates? (Choose two.)

  • A: Updated application content may change how security policy rules are enforced
  • B: After an application content update, new applications must be manually classified prior to use
  • C: Existing security policy rules are not affected by application content updates
  • D: After an application content update, new applications are automatically identified and classified

Correct Answer: CD




Question 6

An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment?

  • A: Create an Application Filter and name it Office Programs, then filter it on the business-systems category, office-programs subcategory
  • B: Create an Application Group and add business-systems to it
  • C: Create an Application Filter and name it Office Programs, then filter it on the business-systems category
  • D: Create an Application Group and add Office 365, Evernote, Google Docs, and Libre Office

Correct Answer: B




Question 7

Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application? 

  

  • A: intrazone-default
  • B: Deny Google
  • C: allowed-security services
  • D: interzone-default

Correct Answer: D




Question 8

Which interface does not require a MAC or IP address?

  • A: Virtual Wire
  • B: Layer3
  • C: Layer2
  • D: Loopback

Correct Answer: A




Question 9

What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

  • A: An implicit dependency does not require the dependent application to be added in the security policy
  • B: An implicit dependency requires the dependent application to be added in the security policy
  • C: An explicit dependency does not require the dependent application to be added in the security policy
  • D: An explicit dependency requires the dependent application to be added in the security policy

Correct Answer: AD




Question 10

Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?

  • A: Windows-based agent deployed on the internal network
  • B: PAN-OS integrated agent deployed on the internal network
  • C: Citrix terminal server deployed on the internal network
  • D: Windows-based agent deployed on each of the WAN Links

Correct Answer: A










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files