PCNSA 1 & PCNSA Domain|29 Questions with Verified Answers
Which plane on a Palo Alto Networks Firewall provides configuration, logging, and reporting
... [Show More] functions on a separate processor? - CORRECT ANSWER Managment
A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified byApp-ID as SuperApp_base.On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, which will be deployed in 30 days.Based on the information, how is the SuperApp traffic affected after the 30 days have passed? - CORRECT ANSWER No impact because the firewall automatically adds the rules to the App-ID interface.
Which option shows the attributes that are selectable when setting up application filters? - CORRECT ANSWER Category, Subcategory, Technology, Risk, and Characteristic
Actions can be set for which two items in a URL filtering security profile? - CORRECT ANSWER Block List
Allow List
Which two statements are correct about App-ID content updates? - CORRECT ANSWER Existing security policy rules are not affected by application content updates.
After an application content update, new applications are automatically identified and classified.
An administrator needs to allow users to use their own office applications. How should the administrator configure the firewall to allow multiple applications in a dynamic environment? - CORRECT ANSWER Create an Application Group and add business-systems to it.
Which statement is true regarding a Best Practice Assessment? - CORRECT ANSWER It provides a percentage of adoption for each assessment area.
Choose the option that correctly completes this statement. A Security Profile can block or allow traffic? - CORRECT ANSWER after it is matched by a security policy rule that allows or blocks traffic.
Which interface does not require a MAC or IP address? - CORRECT ANSWER Virtual Wire
Which two App-ID applications will you need to allow in your Security policy to use facebook-chat? - CORRECT ANSWER facebook-chat
facebook-base
Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources? - CORRECT ANSWER Windows-based agent deployed on the internal network.
Your company requires positive username attribution of every IP address used by wireless devices to support a new compliance requirement. You must collect IP`"to-user mappings as soon as possible with minimal downtime and minimal configuration changes to the wireless devices themselves. The wireless devices are from various manufactures.Given the scenario, choose the option for sending IP-to-user mappings to the NGFW. - CORRECT ANSWER syslog
An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server
.Which security profile components will detect and prevent this threat after the firewall's signature database has been updated? - CORRECT ANSWER anti-spyware profile applied to outbound security policies
URL filtering profile applied to outbound security policies.
Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. Complete the security policy to ensure only Telnet is allowed. - CORRECT ANSWER Application="Telnet"
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile? - CORRECT ANSWER LDAP
Which interface type is used to monitor traffic and cannot be used to perform traffic shaping? - CORRECT ANSWER Tap
Which administrator type utilizes predefined roles for a local administrator account? - CORRECT ANSWER Dynamic
Which two security profile types can be attached to a security policy? - CORRECT ANSWER Antivirus
Vulnerability
Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers? - CORRECT ANSWER Active Directory Monitoring
Which three statements describe the operation Security policy rules and Security Profiles? - CORRECT ANSWER Security policy rules are attached to Security Policies.
Security Profiles are attached to Security policy rules.
Security Profiles should be used only on allowed traffic.
Palo Alto Networks Security Operating Platform Components - CORRECT ANSWER Network Security
Advanced Endpoint Protection
Cloud Security
Cloud-Delivered Security Services
Application Framework and Logging Service
Palo Alto Networks Apps, Third-Party Apps and Customer Apps
Next Gen Firewall Availability - CORRECT ANSWER Physical appliances
Virtualized appliances
Cloud-delivered services/GlobalProtect
Detection - CORRECT ANSWER Detect known and unknown attacks
Attacks in encrypted traffic
Use intelligence from customer deployments
Cloud Security methods - CORRECT ANSWER Inline security (VM-series FWs)
API security (Evident)
Host security (Traps)
Security Services - CORRECT ANSWER AutoFocus (Unit42)
GlobalProtect Cloud Service
URL Filtering Web Security
Threat Prevention
Wildfire Malware Analysis
Mindmeld Threat Intelligence Sharing
Wildfire protections updated - CORRECT ANSWER Every five minutes
Magnifier Behaviorial Analytics - CORRECT ANSWER Stops targeted attacks
Malicious insiders
Risky behavior
Compromised endpoints
Application Framework consists of: - CORRECT ANSWER Infrastructure
Customer-specific data store
Apps
Cyber Attack Lifecycle (aka Kill Chain) - CORRECT ANSWER Reconnaissance
Weaponization and Delivery
Exploitation
Installation
Command-and-control
Actions on the objective [Show Less]