Palo Alto Networks Palo Alto Networks Certifications PCNSA Questions & Answers

• Question 91:

  Application groups enable access to what?

  A. Applications that are explicitly unsanctioned for use within a company

  B. Applications that are not explicitly unsanctioned and that an administrator wants users to be able to access

  C. Applications that are explicitly sanctioned for use within a company

  D. Applications that are not explicitly sanctioned and that an administrator wants users to be able to access

  Correct Answer: C

  Reference: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/use-application-objects-in-policy/create-an-application-group

• Question 92:

  Where does a user assign a tag group to a policy rule in the policy creation window?

  A. General tab

  B. Usage tab

  C. Application tab

  D. Actions tab

  Correct Answer: A

• Question 93:

  Which setting is available to edit when a tag is created on the local firewall?

  A. Color

  B. Location

  C. Order

  D. Priority

  Correct Answer: A

• Question 94:

  With the PAN-OS 11.0 Nova release, which two attack options can new inline deep learning analysis engines detect and prevent? (Choose two.)

  A. Command injection attacks

  B. SSL attacks

  C. SQL injection attacks

  D. HTTP attacks

  Correct Answer: AC

• Question 95:

  Which profile must be applied to the Security policy rule to block spyware on compromised hosts from trying to phone-home or beacon out to external command-and-control (C2) servers?

  A. Anti-spyware

  B. File blocking

  C. WildFire

  D. URL filtering

  Correct Answer: A

  https://docs.paloaltonetworks.com/network-security/security-policy/security-profiles/security-profile-anti-spyware

• Question 96:

  Which feature dynamically analyzes and detects malicious content by evaluating various web page details using a series of machine learning (ML) models?

  A. Antivirus Inline ML

  B. URL Filtering Inline ML

  C. Anti-Spyware Inline ML

  D. WildFire Inline ML

  Correct Answer: B

• Question 97:

  An administrator is troubleshooting an issue with Office365 and expects that this traffic traverses the firewall.

  When reviewing Traffic Log entries, there are no logs matching traffic from the test workstation.

  What might cause this issue?

  A. Office365 traffic is logged in the System Log.

  B. Office365 traffic is logged in the Authentication Log.

  C. Traffic matches the interzone-default rule, which does not log traffic by default.

  D. The firewall is blocking the traffic, and all blocked traffic is in the Threat Log.

  Correct Answer: C

• Question 98:

  Which verdict may be assigned to a WildFire sample?

  A. Phishing

  B. Spyware

  C. PUP

  D. Malware

  Correct Answer: D

  Reference: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/AppScan_Integrations/GUID-AWT-WILDFIRE-OVERVIEW-INTRO.html

• Question 99:

  Given the network diagram, which two statements are true about traffic between the User and Server networks? (Choose two.)

  

  A. Traffic is permitted through the default Intrazone “allow” rule.

  B. Traffic restrictions are not possible because the networks are in the same zone.

  C. Traffic is permitted through the default Interzone “allow” rule.

  D. Traffic restrictions are possible by modifying Intrazone rules.

  Correct Answer: AD

• Question 100:

  By default, which action is assigned to the intrazone-default rule?

  A. Reset-client

  B. Reset-server

  C. Deny

  D. Allow

  Correct Answer: D

  Reference: https://kb.wisc.edu/security/page.php?id=90956#:~:text=Intrazone%20%22traffic%20within%20your%20zone,by%20default%20will%20allow%20it.andtext=Interzone%20%22traffic%20between%20zones%22%2C,by%20default% 20will%20block%20it