Download Palo Alto Networks.PCNSA.BrainDumps.2019-04-13.26q.vcex

Download Exam

File Info

Exam Palo Alto Networks Certified Network Security Administrator
Number PCNSA
File Name Palo Alto Networks.PCNSA.BrainDumps.2019-04-13.26q.vcex
Size 1 MB
Posted Apr 13, 2019
Download Palo Alto Networks.PCNSA.BrainDumps.2019-04-13.26q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application? 
  


  1. intrazone-default
  2. Deny Google
  3. allowed-security services
  4. interzone-default
Correct answer: D



Question 2

Complete the statement. A security profile can block or allow traffic.


  1. on unknown-tcp or unknown-udp traffic
  2. after it is evaluated by a security policy that allows traffic
  3. before it is evaluated by a security policy
  4. after it is evaluated by a security policy that allows or blocks traffic
Correct answer: D



Question 3

Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP – to-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufactures.  
Given the scenario, choose the option for sending IP-to-user mappings to the NGFW.


  1. syslog
  2. RADIUS
  3. UID redistribution
  4. XFF headers
Correct answer: A
Explanation:



Question 4

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall’s signature database has been updated? 
(Choose two.)


  1. vulnerability protection profile applied to outbound security policies
  2. anti-spyware profile applied to outbound security policies
  3. antivirus profile applied to outbound security policies
  4. URL filtering profile applied to outbound security policies
Correct answer: BD
Explanation:
Reference: https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/policy/create-best-practice-security-profiles
Reference: https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/policy/create-best-practice-security-profiles



Question 5

In which stage of the Cyber-Attack Lifecycle would the attacker inject a PDF file within an email?


  1. Weaponization
  2. Reconnaissance
  3. Installation
  4. Command and Control
  5. Exploitation
Correct answer: A



Question 6

Identify the correct order to configure the PAN-OS integrated USER-ID agent.  
  1. create a service account on the Domain Controller with sufficient permissions to execute the User- ID agent
  2. define the address of the servers to be monitored on the firewall  
  3. add the service account to monitor the server(s) 
  4. commit the configuration, and verify agent connection status  


  1. 2-3-4-1
  2. 1-4-3-2
  3. 3-1-2-4
  4. 1-3-2-4
Correct answer: D



Question 7

Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.  
Complete the security policy to ensure only Telnet is allowed.  
Security Policy: Source Zone: Internal to DMZ Zone __________services “Application defaults”, and action = Allow


  1. Destination IP: 192.168.1.123/24
  2. Application = ‘Telnet’
  3. Log Forwarding
  4. USER-ID = ‘Allow users in Trusted’
Correct answer: B



Question 8

Based on the security policy rules shown, ssh will be allowed on which port? 
  


  1. 80
  2. 53
  3. 22
  4. 23
Correct answer: C



Question 9

Which license must an Administrator acquire prior to downloading Antivirus Updates for use with the firewall?


  1. Threat Prevention License
  2. Threat Implementation License
  3. Threat Environment License
  4. Threat Protection License 
Correct answer: A
Explanation:
Reference: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/threat-prevention/set-up-antivirus-anti-spyware-and-vulnerability-protection.html
Reference: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/threat-prevention/set-up-antivirus-anti-spyware-and-vulnerability-protection.html



Question 10

An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?  
  


  1. branch office traffic
  2. north-south traffic 
  3. perimeter traffic
  4. east-west traffic
Correct answer: D









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files