Which path in PAN-OS 10.0 displays the list of port-based security policy rules?
A. Policies> Security> Rule Usage> No App Specified
B. Policies> Security> Rule Usage> Port only specified
C. Policies> Security> Rule Usage> Port-based Rules
D. Policies> Security> Rule Usage> Unused Apps
All users from the internal zone must be allowed only HTTP access to a server in the DMZ zone. Complete the empty field in the Security policy using an application object to permit only this type of access. Source Zone: Internal Destination Zone: DMZ Zone Application: __________ Service: application-default Action: allow
A. Application = "any"
B. Application = "web-browsing"
C. Application = "ssl"
D. Application = "http"
An administrator has configured a Security policy where the matching condition includes a single application and the action is drop.
If the application s default deny action is reset-both what action does the firewall take?
A. It sends a TCP reset to the client-side and server-side devices
B. It silently drops the traffic and sends an ICMP unreachable code
C. It silently drops the traffic
D. It sends a TCP reset to the server-side device
What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)
A. An implicit dependency does not require the dependent application to be added in the security policy
B. An implicit dependency requires the dependent application to be added in the security policy
C. An explicit dependency does not require the dependent application to be added in the security policy
D. An explicit dependency requires the dependent application to be added in the security policy
Which type of administrative role must you assign to a firewall administrator account, if the account must include a custom set of firewall permissions?
A. SAML
B. Multi-Factor Authentication
C. Role-based
D. Dynamic
Which Security profile would you apply to identify infected hosts on the protected network using DNS traffic?
A. URL traffic
B. vulnerability protection
C. anti-spyware
D. antivirus
Which option lists the attributes that are selectable when setting up an Application filters?
A. Category, Subcategory, Technology, and Characteristic
B. Category, Subcategory, Technology, Risk, and Characteristic
C. Name, Category, Technology, Risk, and Characteristic
D. Category, Subcategory, Risk, Standard Ports, and Technology
Which statement is true regarding NAT rules?
A. Static NAT rules have precedence over other forms of NAT.
B. Translation of the IP address and port occurs before security processing.
C. NAT rules are processed in order from top to bottom.
D. Firewall supports NAT on Layer 3 interfaces only.
What can be achieved by selecting a policy target prior to pushing policy rules from Panorama?
A. Doing so limits the templates that receive the policy rules
B. Doing so provides audit information prior to making changes for selected policy rules
C. You can specify the firewalls m a device group to which to push policy rules
D. You can specify the location as pre can - or post-rules to push policy rules
Why should a company have a File Blocking profile that is attached to a Security policy?
A. To block uploading and downloading of specific types of files
B. To detonate files in a sandbox environment
C. To analyze file types
D. To block uploading and downloading of any type of files
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PCNSA exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.