Palo Alto Networks PCNSA Übungsprüfungen
Zuletzt aktualisiert am 16.07.2025- Prüfungscode: PCNSA
- Prüfungsname: Palo Alto Networks Certified Network Security Administrator
- Zertifizierungsanbieter: Palo Alto Networks
- Zuletzt aktualisiert am: 16.07.2025
Which three interface deployment methods can be used to block traffic flowing through the Palo Alto Networks firewall? (Choose three.)
- A . Layer 2
- B . Virtual Wire
- C . Tap
- D . Layer 3
- E . HA
Which three interface deployment methods can be used to block traffic flowing through the Palo Alto Networks firewall? (Choose three.)
- A . Layer 2
- B . Virtual Wire
- C . Tap
- D . Layer 3
- E . HA
Employees are shown an application block page when they try to access YouTube.
Which security policy is blocking the YouTube application?
- A . intrazone-default
- B . Deny Google
- C . allowed-security services
- D . interzone-default
Employees are shown an application block page when they try to access YouTube.
Which security policy is blocking the YouTube application?
- A . intrazone-default
- B . Deny Google
- C . allowed-security services
- D . interzone-default
Which data flow direction is protected in a zero trust firewall deployment that is not protected in a perimeter-only firewall deployment?
- A . outbound
- B . north south
- C . inbound
- D . east west
What must exist in order for the firewall to route traffic between Layer 3 interfaces?
- A . Virtual router
- B . Virtual wires
- C . Traffic Distribution profile
- D . VLANs
You receive notification about new malware that is being used to attack hosts. The malware exploits a software bug in common application.
Which Security Profile detects and blocks access to this threat after you update the firewall’s threat signature database?
- A . Data Filtering Profile applied to outbound Security policy rules
- B . Antivirus Profile applied to outbound Security policy rules
- C . Data Filtering Profile applied to inbound Security policy rules
- D . Vulnerability Protection Profile applied to inbound Security policy rules
Which two settings allow you to restrict access to the management interface? (Choose two )
- A . enabling the Content-ID filter
- B . administrative management services
- C . restricting HTTP and telnet using App-ID
- D . permitted IP addresses
Which two settings allow you to restrict access to the management interface? (Choose two )
- A . enabling the Content-ID filter
- B . administrative management services
- C . restricting HTTP and telnet using App-ID
- D . permitted IP addresses
Based on the graphic, which statement accurately describes the output shown in the Server Monitoring panel?
- A . The User-ID agent is connected to a domain controller labeled lab-client.
- B . The host lab-client has been found by the User-ID agent.
- C . The host lab-client has been found by a domain controller.
- D . The User-ID agent is connected to the firewall labeled lab-client.