Palo Alto Networks PCNSA Exam Practice Test Instant Access

Question 1

Based on the graphic, what is the purpose of the SSL/TLS Service profile configuration option?

AIt defines the SSUTLS encryption strength used to protect the management interface.

BIt defines the CA certificate used to verify the client's browser.

CIt defines the certificate to send to the client's browser from the management interface.

DIt defines the firewall's global SSL/TLS timeout values.

Answer : C

Question 2

Which statements is true regarding a Heatmap report?

AWhen guided by authorized sales engineer, it helps determine te areas of greatest security risk.

BIt provides a percentage of adoption for each assessment area.

CIt runs only on firewall.

DIt provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture.

Answer : B

Question 3

Which object would an administrator create to block access to all high-risk applications?

AHIP profile

Bapplication filter

Capplication group

DVulnerability Protection profile

Answer : B

Explanation/Reference:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKECA0

Question 4

Which Palo Alto Networks firewall security platform provides network security for mobile endpoints by inspecting traffic deployed as internet gateways?

AGlobalProtect

BAutoFocus

CAperture

DPanorama

Answer : A

GlobalProtect: GlobalProtect safeguards your mobile workforce by inspecting all traffic using your next-generation firewalls deployed as internet gateways, whether at the perimeter, in the Demilitarized Zone (DMZ), or in the cloud.

Question 5

Which statement is true about Panorama managed devices?

APanorama automatically removes local configuration locks after a commit from Panorama

BLocal configuration locks prohibit Security policy changes for a Panorama managed device

CSecurity policy rules configured on local firewalls always take precedence

DLocal configuration locks can be manually unlocked from Panorama

Answer : D

Explanation

Explanation/Reference:

https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/administer-panorama/manage- locks-forrestricting-configuration-changes.html

Question 6

What must be configured before setting up Credential Phishing Prevention?

AAnti Phishing Block Page

BThreat Prevention

CAnti Phishing profiles

DUser-ID

Answer : B

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/prevent-credential-phishing/set-up-credential-phishing-prevention

Question 7

Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

Aoverride

Ballow

Cblock

Dcontinue

Answer : B

Palo Alto Networks Certified Network Security Administrator PCNSA Exam Practice Test