Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Paloalto Networks PCNSA - Palo Alto Networks Certified Network Security Administrator (PAN-OS 10.0)

Paloalto Networks PCNSA Premium Access     Download Demo    
Page: 6 / 11
Total 364 questions

An address object of type IP Wildcard Mask can be referenced in which part of the configuration?

A.

Security policy rule

B.

ACC global filter

C.

external dynamic list

D.

NAT address pool

The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.

Which security profile feature could have been used to prevent the communication with the CnC server?

A.

Create an anti-spyware profile and enable DNS Sinkhole

B.

Create an antivirus profile and enable DNS Sinkhole

C.

Create a URL filtering profile and block the DNS Sinkhole category

D.

Create a security policy and enable DNS Sinkhole

Arrange the correct order that the URL classifications are processed within the system.

The CFO found a malware infected USB drive in the parking lot, which when inserted infected their corporate laptop the malware contacted a known command-and-control server which exfiltrating corporate data.

Which Security profile feature could have been used to prevent the communications with the command-and-control server?

A.

Create a Data Filtering Profile and enable its DNS sinkhole feature.

B.

Create an Antivirus Profile and enable its DNS sinkhole feature.

C.

Create an Anti-Spyware Profile and enable its DNS sinkhole feature.

D.

Create a URL Filtering Profile and block the DNS sinkhole URL category.

In a File Blocking profile, which two actions should be taken to allow file types that support critical apps? (Choose two.)

A.

Clone and edit the Strict profile.

B.

Use URL filtering to limit categories in which users can transfer files.

C.

Set the action to Continue.

D.

Edit the Strict profile.

Based on the screenshot what is the purpose of the group in User labelled ''it"?

A.

Allows users to access IT applications on all ports

B.

Allows users in group "DMZ" lo access IT applications

C.

Allows "any" users to access servers in the DMZ zone

D.

Allows users in group "it" to access IT applications

In order to attach an Antivirus, Anti-Spyware and Vulnerability Protection security profile to your Security Policy rules, which setting must be selected?

A.

Policies > Security > Actions Tab > Select Group-Profiles as Profile Type

B.

Policies > Security > Actions Tab > Select Default-Profiles as Profile Type

C.

Policies > Security > Actions Tab > Select Profiles as Profile Type

D.

Policies > Security > Actions Tab > Select Tagged-Profiles as Profile Type

Which statement is true regarding a Prevention Posture Assessment?

A.

The Security Policy Adoption Heatmap component filters the information by device groups, serial numbers, zones, areas of architecture, and other categories

B.

It provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture

C.

It provides a percentage of adoption for each assessment area

D.

It performs over 200 security checks on Panorama/firewall for the assessment

What are three configurable interface types for a data-plane ethernet interface? (Choose three.)

A.

Layer 3

B.

HSCI

C.

VWire

D.

Layer 2

E.

Management

What is a prerequisite before enabling an administrative account which relies on a local firewall user database?

A.

Configure an authentication policy

B.

Configure an authentication sequence

C.

Configure an authentication profile

D.

Isolate the management interface on a dedicated management VLAN