100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
PCNSA 2022 Questions and Answers $9.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. PCNSA
  4.  
  5. PCNSA

Exam (elaborations)

PCNSA 2022 Questions and Answers
 5 views  0 purchase
  • Course
  • PCNSA
  • Institution
  • PCNSA

PCNSA 2022 Questions and Answers

Preview 2 out of 8  pages

Document information

  • August 27, 2022
  • 8
  • 2022/2023
  • Exam (elaborations)
  • Questions & answers

Subjects

  • pcnsa
  • pcnsa 2022 questions and answers
  • a client downloads a malicious file from the internet the palo alto firewall has a valid wildfire subscription the security policy rule shown above matches the

Written for

  • PCNSA
  • PCNSA

Seller

avatar-seller
Wiseman

Reviews received

Content preview

PCNSA 2022 Questions and Answers

A client downloads a malicious file from the internet. The Palo Alto firewall has a valid
WildFire subscription. The Security policy rule shown above matches the client HTTP
session: Which three actions take place when the firewall's Content-ID engine detects a
virus in the file and the decoder action is set to "block"? (Choose three.) Correct
answer- A threat log entry is generated.

The file download is terminated.

The client receives a block page.

A company has a pair of PA-3050s running PAN-OS 6.0.4. Antivirus, Threat Prevention,
and URL Filtering Profiles are in place and properly configured on both inbound and
outbound policies. A Security Operation Center (SOC) engineer starts his shift and
faces the traffic logs presented in the screenshot shown above. He notices that the
traffic is being allowed outbound. Which actions should the SOC engineer take to safely
allow known but not yet qualified applications, without disrupting the remaining traffic
policies? Correct answer- Create Application Override policies after a packet capture to
identify the applications that are triggering the "unknown-tcp". Then create new custom
applications for those policies, and add these new policies above the current policy that
allows the traffic.

A company has a Palo Alto Networks firewall configured with the following three zones:
Internet DMZ Inside. All users are located on the Inside zone and are using public DNS
servers for name resolution. The company hosts a publicly accessible web application
on a server in the DMZ zone. Which NAT rule configuration will allow users on the
Inside zone to access the web application using its public IP address? Correct answer-
Three zone U-turn NAT

A company has a Palo Alto Networks firewall configured with the following three zones:
Untrust-L3 DMZ Trust-L3. The company hosts a publicly accessible web application on
a server that resides in the Trust-L3 zone. The web server is associated with the
following IP addresses: Web Server Public IP: 2.2.2.1/24 , Web Server Private IP:
192.168.1.10/24 . The security administrator configures the following two-zone U-Turn
NAT rule to allow users using 10.10.1.0/24 on the "Trust-L3" zone to access the web
server using its public IP address in the Untrust-L3 zone: Which statement is true in this
situation? Correct answer- The traffic will be considered intra-zone based on the
translated destination zone.

, A company is deploying a pair of PA-5060 firewalls in an environment requiring support
for asymmetric routing. Which High Availability (HA) mode best supports this design
requirement? Correct answer- Active-Active mode

A company policy dictates that logs must be retained in their original format for a period
of time that would exceed the space limitations of the Palo Alto Networks firewall's
internal storage. Which two options will allow the company to meet this requirement?
(Choose two.) Correct answer- Palo Alto Networks Log Collector

Panorama Virtual Machine with NFS storage

A company uses Active Directory and RADIUS to capture User-ID information and
implement user-based policies to control web access. Many Linux and Mac computers
in the environment that do not have IP-address-to-user mappings. What is the best way
to collect user information for those systems? Correct answer- Use Captive Portal to
capture user information

A company wants to run their pair of PA-200 firewalls in a High Availability
active/passive mode and will be using HA-Lite. Which capability can be used in this
situation? Correct answer- Configuration Sync

A Management Profile to allow SSH access has been created and applied to interface
ethernet1/1. A security rule with the action "deny" is applied to packets from "any"
source zone to "any" destination zone. What will happen when someone attempts to
initiate an SSH connection to ethernet1/1? Correct answer- SSH access to the interface
will be denied because intra-zone traffic is denied.

A network administrator needs to view the default action for a specific spyware
signature. The administrator follows the tabs and menus through Objects > Security
Profiles > Anti-Spyware, and selects the default Profile. What should be done next?
Correct answer- Click the Exceptions tab and then click Show all signatures.

A Palo Alto Networks firewall has been configured with multiple virtual systems and is
administered by multiple personnel. Several administrators are logged into the firewall
and are making configuration changes to separate virtual systems at the same time.
Which option will ensure that no single administrator's changes are interrupted or
undone by another administrator while still allowing all administrators to complete their
changes prior to issuing a commit? Correct answer- Each administrator sets a
configuration and commit lock for the vsys to which they are making changes.

A Palo Alto Networks firewall is being targeted by a DoS attack from the Internet that is
creating a flood of bogus TCP connections to internal servers behind the firewall. This
traffic is allowed by security policies, and other than creating half-open TCP
connections, it is indistinguishable from legitimate inbound traffic. Which Zone
Protection Profile with SYN Flood Protection action, when enabled with the correct

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Wiseman. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

76658 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.99
  • (0)
  Add to cart