Palo Alto Networks PCNSA Übungsprüfungen
Zuletzt aktualisiert am 16.07.2025- Prüfungscode: PCNSA
- Prüfungsname: Palo Alto Networks Certified Network Security Administrator
- Zertifizierungsanbieter: Palo Alto Networks
- Zuletzt aktualisiert am: 16.07.2025
Which Security profile can be used to configure sinkhole IPs m the DNS Sinkhole settings?
- A . Vulnerability Protection
- B . Anti-Spyware
- C . Antivirus
- D . URL Filtering
How frequently can wildfire updates be made available to firewalls?
- A . every 15 minutes
- B . every 30 minutes
- C . every 60 minutes
- D . every 5 minutes
When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?
- A . Translation Type
- B . Interface
- C . Address Type
- D . IP Address
How are Application Filters or Application Groups used in firewall policy?
- A . An Application Group is a static way of grouping applications and cannot be configured as a nested member of Application Group.
- B . An Application Group is a dynamic way of grouping applications and can be configured as a nested member of an Application Group.
- C . An Application Filter is a dynamic way to group applications and can be configured as a nested member of an Application Group.
- D . An Application Filter is a static way of grouping applications and can be configured as a nested member of an Application Group.
How are Application Filters or Application Groups used in firewall policy?
- A . An Application Group is a static way of grouping applications and cannot be configured as a nested member of Application Group.
- B . An Application Group is a dynamic way of grouping applications and can be configured as a nested member of an Application Group.
- C . An Application Filter is a dynamic way to group applications and can be configured as a nested member of an Application Group.
- D . An Application Filter is a static way of grouping applications and can be configured as a nested member of an Application Group.
What action will inform end users when their access to Internet content is being restricted?
- A . Create a custom "URL Category" object with notifications enabled.
- B . Publish monitoring data for Security policy deny logs.
- C . Ensure that the "site access" setting for all URL sites is set to "alert".
- D . Enable "Response Pages" on the interface providing Internet access.
The Administrator profile "PCNSA Admin" is configured with an Authentication profile "Authentication Sequence PCNSA".
The Authentication Sequence PCNSA has a profile list with four Authentication profiles: Auth Profile LDAP
Auth Profile Radius Auth Profile Local Auth Profile TACACS
After a network outage, the LDAP server is no longer reachable. The RADIUS server is still reachable but has lost the "PCNSA Admin" username and password.
Which option describes the "PCNSA Admin" login capabilities after the outage?
- A . Auth OK because of the Auth Profile TACACS
- B . Auth KO because RADIUS server lost user and password for PCNSA Admin
- C . Auth OK because of the Auth Profile Local
- D . Auth KO because LDAP server is not reachable
Which object would an administrator create to block access to all high-risk applications?
- A . HIP profile
- B . Vulnerability Protection profile
- C . application group
- D . application filter
Which rule type is appropriate for matching traffic both within and between the source and destination zones?
- A . interzone
- B . shadowed
- C . intrazone
- D . universal
An administrator is investigating a log entry for a session that is allowed and has the end reason of aged-out.
Which two fields could help in determining if this is normal? (Choose two.)
- A . Packets sent/received
- B . IP Protocol
- C . Action
- D . Decrypted