Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

PCNSA Exam 132 Questions with Verified Answers,100% CORRECT, Exams of Business Fundamentals

PCNSA Exam 132 Questions with Verified Answers

Typology: Exams

2023/2024

Available from 08/16/2024

paul-kamau-2
paul-kamau-2 🇺🇸

2.7

(3)

3.2K documents

1 / 30

Toggle sidebar

Related documents


Partial preview of the text

Download PCNSA Exam 132 Questions with Verified Answers,100% CORRECT and more Exams Business Fundamentals in PDF only on Docsity! PCNSA Exam 132 Questions with Verified Answers Which two actions are available for antivirus security profiles? (Choose two.) A. continue B. allow C. block IP D. alert - CORRECT ANSWER B. allow D. alert Which two HTTP Header Logging options are within a URL filtering profile? (Choose two.) A. User‐Agent B. Safe Search C. URL redirection D. X‐Forward‐For - CORRECT ANSWER A. User‐Agent D. X‐Forward‐For What are the two components of Denial‐of‐Service Protection? (Choose two.) A. zone protection profile B. DoS protection profile and policy rules C. flood protection D. reconnaissance protection - CORRECT ANSWER A. zone protection profile B. DoS protection profile and policy rules Which two types of attacks does the PAN‐DB prevent? (Choose two.) A. phishing sites B. HTTP based command‐and‐control C. infected JavaScript D. flood attacks - CORRECT ANSWER A. phishing sites B. HTTP based command‐and‐control Which two valid URLs can be used in a custom URL category? (Choose two.) A. ww.youtube.** B. www.**.com C. www.youtube.com D. *.youtube.com - CORRECT ANSWER C. www.youtube.com D. *.youtube.com What are three methods of mapping usernames to IP addresses? (Choose three.) A. Server Monitoring B. Traps C. Minemeld D. syslog E. AutoFocus F. port mapping - CORRECT ANSWER A. Server Monitoring D. syslog F. port mapping Which type of server profile is used to create group mappings? A. RADIUS B. TACACS+ C. Kerberos D. LDAP - CORRECT ANSWER D. LDAP The Server Monitoring user mapping method can monitor which three types of servers? (Choose three.) A. RADIUS B. Microsoft Domain Controllers C. Exchange Servers D. Novell eDirectory Servers - CORRECT ANSWER B. Microsoft Domain Controllers C. Exchange Servers D. Novell eDirectory Servers The Port Mapping user mapping method can monitor which two types of environments? (Choose two.) A. Citrix B. Microsoft terminal servers C. Exchange Servers D. Linux servers - CORRECT ANSWER A. Citrix B. Microsoft terminal servers C. Threat 42 D. Magnifier - CORRECT ANSWER B. AutoFocus - It provides instant access to community‐based threat data, enhanced with deep context and attribution from the Unit 42 threat research team A. Aperture C. Threat 42 - Unit 42 threat research team D. Magnifier - Magnifier behavioral analytics applies machine learning at a cloud scale to network, endpoint, and cloud data so that you can quickly find and stop targeted attacks, insider abuse, and compromised endpoints Which cloud‐delivered security services provides security for branches and mobile users? A. MineMeld B. Magnifier C. Traps D. Global Protect - CORRECT ANSWER D. Global Protect Which Palo Alto Networks Security Operating Platform component provides access to apps from Palo Alto Networks, third parties, and customers? A. Applications (Palo Alto Networks apps, third‐party apps, customer apps) B. Cloud‐Delivered Security Services C. WildFire D. Application Framework E. Network Security F. Advanced Endpoint Protection G. Cloud Security - CORRECT ANSWER D. Application Framework Which Palo Alto Networks firewall feature provides all of the following abilities? Stops malware, exploits, and ransomware before they can compromise endpoints Provides protection while endpoints are online and offline, on network and off Coordinates enforcement with network and cloud security to prevent successful attacks Detects threats and automates containment to minimize impact Includes WildFire cloud‐based threat analysis service with your Traps subscription Integrates with the Palo Alto Networks Security Operating Platform A. Traps B. Aperture C. URL Filtering D. WildFire E. GlobalProtect F. AutoFocus - CORRECT ANSWER A. Traps Which management features does the control plane provide? (Choose three.) A. security processing B. logging C. reporting D. firewall configuration E. signature matching F. network processing - CORRECT ANSWER B. logging C. reporting D. firewall configuration Which three data processing features does the data plane provide? (Choose three.) A. network processing B. security processing C. signature matching D. firewall configuration E. logging F. reporting - CORRECT ANSWER A. network processing B. security processing C. signature matching What are three components of the Network Processing module? (Choose three.) A. QoS B. NAT C. App‐ID D. flow control E. url match F. spyware - CORRECT ANSWER A. QoS B. NAT D. flow control Which approach most accurately defines the Palo Alto Networks SP3 architecture? A. prioritize first B. sequential processing C. scan it all, scan it once D. zero trust segmentation platform - CORRECT ANSWER C. scan it all, scan it once What is the result of using a stream‐based design of architecture? A. superior performance B. increased latency C. superior latency D. increased functionality - CORRECT ANSWER A. superior performance Palo Alto Networks has reduced latency enormously, using the Single‐Pass Parallel Processing (SP3) architecture, which combines two complementary components: - CORRECT ANSWER Single‐Pass Software Parallel Processing Hardware Which security model does Palo Alto Networks recommend that you deploy? A. separation‐of‐trust B. Zero Trust C. trust‐then‐verify D. never trust - CORRECT ANSWER B. Zero Trust The Zero Trust model is implemented to specifically address which type of traffic? A. east‐west B. north‐south C. left‐right D. up‐down - CORRECT ANSWER A. east‐west What are the three main concepts of Zero Trust? (Choose three.) A. All resources are accessed in a secure manner, regardless of location. D. 10.0.0.254 - CORRECT ANSWER A. 192.168.1.1 What are the two default services that are available on the MGT interface? (Choose two.) A. HTTPS B. SSH C. HTTP D. Telnet - CORRECT ANSWER A. HTTPS B. SSH True or false. Service route traffic has Security policy rules applied against it. A. True B. False - CORRECT ANSWER A. True By default, the firewall uses the management interface to communicate with various servers including those for External Dynamic Lists, DNS, email, and Palo Alto Networks updates servers. Service routes are used so that the communication between the firewall and servers goes through the data ports on the data plane. These data ports require appropriate security policies before external servers can be accessed. Service routes may be used to forward which two traffic types out a data port? Choose two.) A. External Dynamic Lists B. MineMeld C. Skype D. Palo Alto Networks updates - CORRECT ANSWER A. External Dynamic Lists D. Palo Alto Networks updates Which plane does the running‐config reside on? A. Management B. Control C. Data D. Security - CORRECT ANSWER C. Data All configuration changes in a Palo Alto Networks firewall are done to a candidate configuration, which resides in memory on the control plane. A commit activates the changes since the last commit and installs the running configuration on the data plane, where it will become the running configuration. Which plane does the candidate config reside on? A. Management B. Control C. Data D. Security - CORRECT ANSWER B. Control All configuration changes in a Palo Alto Networks firewall are done to a candidate configuration, which resides in memory on the control plane. A commit activates the changes since the last commit and installs the running configuration on the data plane, where it will become the running configuration. Candidate config and running config files are saved as which file type? A. EXE B. TXT C. HTML D. XML E. RAR - CORRECT ANSWER D. XML Which command must be performed on the firewall to activate any changes? A. commit B. save C. load D. save named E. import F. copy - CORRECT ANSWER A. commit Which command backs up configuration files to a remote network device? A. import B. load C. copy D. export - CORRECT ANSWER D. export The command load named configuration snapshot overwrites the current candidate configuration with which three items? (Choose three.) A. custom‐named candidate configuration snapshot (instead of the default snapshot) B. custom‐named running configuration that you imported C. snapshot.xml D. current running configuration (running‐config.xml) E. Palo Alto Networks updates - CORRECT ANSWER A. custom‐named candidate configuration snapshot (instead of the default snapshot) B. custom‐named running configuration that you imported D. current running configuration (running‐config.xml) This option overwrites the current candidate configuration with one of the following: Custom‐named candidate configuration snapshot (instead of the default snapshot) Custom‐named running configuration that you imported Current running configuration (running‐config.xml) What is the shortest time interval that you can configure a Palo Alto Networks firewall to download WildFire updates? A. 1 minute B. 5 minutes C. 15 minutes D. 60 minutes - CORRECT ANSWER A. 1 minute What is the publishing interval for WildFire updates, with a valid WildFire license? A. 1 minute B. 5 minutes C. 15 minutes D. 60 minutes - CORRECT ANSWER B. 5 minutes o Virtual system administrator: Full access to a selected virtual system (vsys) on the firewall o Virtual system administrator (read‐only): Read‐only access to a selected vsys on the firewall o Device administrator: Full access to all firewall settings except for defining new accounts or virtual systems o Device administrator (read‐only): Read‐only access to all firewall settings except password profiles (no access) and administrator accounts (only the logged‐in account is visible) Which type of profile does an Authentication Sequence include? A. Security B. Authorization C. Admin D. Authentication - CORRECT ANSWER D. Authentication An authentication profile includes which other type of profile? A. Server B. Admin C. Customized D. Built‐in - CORRECT ANSWER A. Server True or False: Dynamic roles are called "dynamic" because you can customize them. A. True B. False - CORRECT ANSWER B. False These are dynamic because they are predefined roles that update with the firewall during updates What is used to override global Minimum Password Complexity Requirements? A. authentication profile B. local profile C. password role D. password profile - CORRECT ANSWER D. password profile Which two default zones are included with the PAN‐OS® software? (Choose two.) A. Interzone B. Extrazone C. Intrazone D. Extranet - CORRECT ANSWER A. Interzone C. Intrazone Which two zone types are valid? (Choose two.) A. Trusted B. Tap C. Virtual Wire D. Untrusted E. DMZ - CORRECT ANSWER B. Tap C. Virtual Wire There are five primary zone types (Tap, Layer 2, Layer 3, Tunnel, and Virtual Wire) A sixth zone type named External is a special zone that is available only on some firewall models. What is the zone of type External used to pass traffic between? A. Layer 2 interfaces B. Layer 3 interfaces C. virtual routers D. virtual systems - CORRECT ANSWER D. virtual systems A sixth zone type named External is a special zone that is available only on some firewall models. Which two statements are correct? (Choose two.) A. Interfaces must be configured before you can create a zone. B. Interfaces do not have to be configured before you can create a zone. C. An interface can belong to only one zone. D. An interface can belong to multiple zones. - CORRECT ANSWER B. Interfaces do not have to be configured before you can create a zone. C. An interface can belong to only one zone. Which three interface types can belong in a Layer 3 zone? (Choose three.) A. loopback B. Layer 3 C. tunnel D. virtual wire - CORRECT ANSWER A. loopback B. Layer 3 C. tunnel Layer 3 Zone allows four interface types: Layer 3 (Ethernet1/6), loopback, tunnel, and vlan: What are used to control traffic through zones? A. access lists B. security policy lists C. security policy rules D. access policy rules - CORRECT ANSWER C. security policy rules Which two actions can be done with a Tap interface? (Choose two.) A. encrypt traffic B. decrypt traffic C. allow or block traffic D. log traffic - CORRECT ANSWER B. decrypt traffic D. log traffic Which two actions can be done with a Virtual Wire interface? (Choose two.) A. NAT B. route C. switch D. log traffic - CORRECT ANSWER A. NAT D. log traffic A Virtual Wire interface is used to simply pass traffic through a firewall by binding two Ethernet interfaces, allowing traffic to pass between them. Virtual Wire interfaces are often placed between an existing firewall and a secured network to allow analysis of the traffic before actually migrating from a legacy firewall to a Palo Alto Networks firewall. D. You can apply an interface management profile to the interface. - CORRECT ANSWER A.You can configure a Layer 3 interface with one or more as a DHCP client. D.You can apply an interface management profile to the interface. Dynamic routing protocols available on a Palo Alto Networks firewall are as follows: - CORRECT ANSWER BGP4 OSPFv2 OSPVv3 RIPv2 Multicast routing protocols available on a Palo Alto Networks firewall are as follows: - CORRECT ANSWER IGMPv1, IGMPv2, IGMPv3 PIM‐SM, PIM‐ASM, PIM‐SSM What is the firewall's RIB? (Virtual Router) - CORRECT ANSWER Routing Information Base The firewall initially populates its learned routes into the firewall's IP routing information base (RIB What is a firewall's FIB (Virtual Router) - CORRECT ANSWER Forwarding Information Base The virtual router obtains the best route from the RIB, and then places it in the forwarding information base (FIB). Packets then are forwarded to the next hop router defined in the FIB. What is the default administrative distance of a static route within the PAN‐OS ® software? A. 1 B. 5 C. 10 D. 100 - CORRECT ANSWER C. 10 Which two dynamic routing protocols are available in the PAN‐OS ® software? (Choose two.) A. RIP1 B. RIPv2 C. OSPFv3 D. EIGRP - CORRECT ANSWER B. RIPv2 C. OSPFv3 Which value is used to distinguish the preference of routing protocols? A. Metric B. Weight C. Distance D. Cost E. Administrative Distance - CORRECT ANSWER A. Metric In path monitoring, what is used to monitor remote network devices? A. Ping B. SSL C. HTTP D. HTTPS E. Link State - CORRECT ANSWER A. Ping What are the two default (predefined) security policy types in PAN‐OS ® software? (Choose two.) A. Universal B. Interzone C. Intrazone D. Extrazone - CORRECT ANSWER B. Interzone C. Intrazone True or false. Because the first rule that matches the traffic is applied, the more specific rules must follow the more general ones. A. True B. False - CORRECT ANSWER B. False Which statement is true? A. For Intrazone traffic, traffic logging is enabled by default. B. For Interzone traffic, traffic logging is enabled by default. C. For Universal traffic, traffic logging is enabled by default. D. none of the above - CORRECT ANSWER C. For Universal traffic, traffic logging is enabled by default. What are the two default (predefined) security policy types in PAN‐OS ® software? (Choose two.) A. Universal B. Interzone C. Intrazone D. Extrazone - CORRECT ANSWER B. Interzone C. Intrazone True or false? Best practice is to enable logging for the two predefined security policy rules. A. True B. False - CORRECT ANSWER A. True What will be the result of one or more occurrences of shadowing? A. a failed commit B. an invalid configuration C. a warning D. none of the above - CORRECT ANSWER C. a warning Which type of security policy rules always exist above the two predefined security policies? A. intrazone B. interzone C. universal D. global - CORRECT ANSWER C. universal What are two source NAT types? (Choose two.) A. universal B. static C. dynamic D. extrazone - CORRECT ANSWER B. static C. dynamic B. dynamically categorize multiple service filters C. dynamically categorize multiple applications D. manually categorize multiple applications - CORRECT ANSWER C. dynamically categorize multiple applications An administrator can dynamically categorize multiple applications into an application filter based on the specific attributes Category, Subcategory, Technology, Risk, and Characteristic. Which two items can be added to an application group? (Choose two.) A. application groups B. application services C. application filters D. admin accounts - CORRECT ANSWER A. application groups C. application filters What does the TCP Half Closed setting mean? A. maximum length of time that a session remains in the session table between receiving the first FIN and receiving the third FIN or RST. B. minimum length of time that a session remains in the session table between receiving the first FIN and receiving the second FIN or RST. C. maximum length of time that a session remains in the session table between receiving the first FIN and receiving the second FIN or RST. D. minimum length of time that a session remains in the session table between receiving the first FIN and receiving the third FIN or RST - CORRECT ANSWER C. maximum length of time that a session remains in the session table between receiving the first FIN and receiving the second FIN or RST. What are two application characteristics? (Choose two.) A. stateful B. excessive bandwidth use C. intensive D. evasive - CORRECT ANSWER B. excessive bandwidth use D. evasive What is a TCP Timeout (Application Timeouts) - CORRECT ANSWER Number of seconds before an idle TCP application flow is terminated. A zero indicates that the default timeout of the application is used. What is a UDP Timeout (Application Timeouts) - CORRECT ANSWER Number of seconds before an idle UDP application flow is terminated. A zero indicates that the default timeout of the application is used. What is a TCP Time Wait (Application Timeouts) - CORRECT ANSWER Maximum length of time that a session remains in the session table after receiving the second FIN or RST. If the timer expires, the session is closed. If this time is not configured at the application level, the global setting is used (range is 1 to 600 seconds). If this value is configured at the application level, it overrides the global TCP Time Wait setting. Which column in the Applications and Threats screen includes the options Review Apps and Review Policies? A. Features B. Type C. Version D. Action - CORRECT ANSWER D. Action What can you select to minimize the risk using of installing new App‐ID updates? A. Enable new apps in content B. Disable new apps in app‐id database C. Disable new apps in content D. Enable new apps in App‐ID database - CORRECT ANSWER C. Disable new apps in content Installation of new App‐IDs included in a content release version sometimes can cause a change in policy enforcement for the application that now is uniquely identified. What are two benefits of vulnerability protection security profiles? (Choose two.) A. prevent compromised hosts from trying to communicate with external command‐and‐ control (C2) servers B. protect against viruses, worms, and Trojans C. prevent exploitation of system flaws D. prevent unauthorized access to systems - CORRECT ANSWER D. prevent unauthorized access to systems C. prevent exploitation of system flaws (True or false) - Sometimes you do not have to explicitly allow access to the dependent applications for the traffic to flow because the firewall can determine the dependencies and allow them implicitly. - CORRECT ANSWER True Which Layer 2 interfaces used to switch traffic between? - CORRECT ANSWER other Layer 2 interfaces How often are new and modified threat signatures and modified applications signatures published? - CORRECT ANSWER Weekly The Application Framework consists of which two components? (Choose two.) - CORRECT ANSWER The Application Framework consists of the following components: Infrastructure: A suite of cloud APIs, services, compute, and native access to customer‐specific data stores Customer‐specific data store: The Palo Alto Networks Logging Service Apps: Apps that are delivered from the cloud to extend the capabilities of the platform, including the ability to effortlessly collaborate between different apps, share threat context and intelligence, and drive automated response and enforcement. For more information, see https://www.paloaltonetworks.com/products/application‐framewor Cloud security is delivered in which three ways? (Choose three.) - CORRECT ANSWER Auto Focus contextual threat intel, Global Protect Cloud, URL Filtering Web Security, Threat Prevention (IPS), Wildfire, MineMeld Threat Intel Sharing Which three items are part of the Palo Alto Networks Security Operating Platform? (Choose three.) - CORRECT ANSWER Network Security