PCNSA EXAM 2025 QUESTIONS AND CORRECT ANSWERS
Which firewall plane provides configuration, logging, and reporting functions on a separate processor? -
answer>>>Control plane
Which two activities are part of the cyberattack lifecycle Reconnaissance stage? - answer>>>port scans,
social engineering
At which cyberattack lifecycle stage does the attacker achieve "hands on keyboard" control of the target
device? - answer>>>C2
Which two characteristics are common among commodity threats? - answer>>>They are pervasive, they
are often used as part of an APT
At which packet flow stage does the firewall detect and block pre-session reconnaissance and DoS
attacks? - answer>>>Ingress
Which two items are required match criteria in a Palo Alto Networks Security policy rule? -
answer>>>source zone, destination zone
Which type of Security policy rule is the default rule type? - answer>>>Universal
Which action in a Security policy rule results in traffic being silently rejected? - answer>>>Drop
NAT oversubscription is used in conjunction with which NAT translation type? - answer>>>dynamic IP
and port
True or false? Logging on intrazone-default and interzone-default Security policy rules is enabled by
default. - answer>>>False
True or false? The implementation of network segmentation and security zones can reduce your
network's attack surface. - answer>>>True
Which protection method can be used to mitigate single-session DoS attacks? - answer>>>packet buffer
protection
True or false? DoS Protection policy is applied to session traffic before a Zone Protection Profile. -
answer>>>False (!)
Which type of protection is provided by both a Zone Protection Profile and a DoS Protection Profile? -
answer>>>Flood
Which firewall configuration component is used to block access to known-bad IP addresses? -
answer>>>Security policy
In which three locations can you configure the firewall to use an external dynamic list (EDL)? -
answer>>>Anti-spyware profile
URL filtering profile
Security policy
In which firewall configuration component can you use an EDL of type Domain List? -
answer>>>Anti-spyware profile (!)
True or false? A best practice is to enable the "sinkhole" action in an Anti-Spyware Profile. -
answer>>>True
Which three methods does App-ID use to identify network traffic? - answer>>>Signatures
protocol decoders
Heuristics
How would App-ID label TCP traffic when the three-way handshake completes, but not enough data is
sent to identify an application? - answer>>>Insufficient-data
True or false? When migration is done from the firewall of another vendor to a Palo Alto Networks
firewall, a best practice is to always migrate the existing Security policy. - answer>>>True
When an Applications and Threats content update is performed, which is the earliest point where you
can review the impact of new application signatures on existing policies? - answer>>>After download
Which item is the name of an object that dynamically identifies and associates applications based on
application attributes that you define: Category, Subcategory, Technology, Risk, and Characteristic? -
answer>>>application filter
True or false? In Palo Alto Networks terms, an application is a specific program or feature that can be
detected, monitored, and blocked if necessary. - answer>>>true
Before App-ID would identify traffic as facebook-base, it would first identify the traffic as which
application? - answer>>>SSL
When are brand-new application signatures released by Palo Alto Networks? - answer>>>Once per
month
What triggers Security policy rule match in the Policy Optimizer's No App Specified window? -
answer>>>"any" in the Application column
By default, which two application names might App-ID assign to a custom, web-based application
running in your environment? - answer>>>web-browsing
SSL
Re-order the steps so that they could be used to create and use a custom application with a custom
signature. - answer>>>1. capture application network traffic
2. identify unique bit patterns in the traffic
3. create the custom application with a signature
4. add the custom application to policy rules