PCNSA Questions and Answers Already Graded A+

Document Content and Description Below

PCNSA Questions and Answers Already Graded A+ Which two actions are available for antivirus security profiles? (Choose two.) A. continue B. allow C. block IP D. alert ✔✔B. allow D. alert Which two HTTP Header Logging options are within a URL filtering profile? (Choose two.) A. User‐Agent B. Safe Search C. URL redirection D. X‐Forward‐For ✔✔A. User‐Agent D. X‐Forward‐For What are the two components of Denial‐of‐Service Protection? (Choose two.) A. zone protection profile B. DoS protection profile and policy rules C. flood protection D. reconnaissance protection ✔✔A. zone protection profile B. DoS protection profile and policy rules Which two types of attacks does the PAN‐DB prevent? (Choose two.) A. phishing sites B. HTTP based command‐and‐control C. infected JavaScript D. flood attacks ✔✔A. phishing sites B. HTTP based command‐and‐controlWhich two valid URLs can be used in a custom URL category? (Choose two.) A. ww.youtube.** B. www.**.com C. www.youtube.com D. *.youtube.com ✔✔C. www.youtube.com D. *.youtube.com What are three methods of mapping usernames to IP addresses? (Choose three.) A. Server Monitoring B. Traps C. Minemeld D. syslog E. AutoFocus F. port mapping ✔✔A. Server Monitoring D. syslog F. port mapping Which type of server profile is used to create group mappings? A. RADIUS B. TACACS+ C. Kerberos D. LDAP ✔✔D. LDAP The Server Monitoring user mapping method can monitor which three types of servers? (Choose three.) A. RADIUS B. Microsoft Domain Controllers C. Exchange Servers D. Novell eDirectory Servers ✔✔B. Microsoft Domain Controllers C. Exchange ServersD. Novell eDirectory Servers The Port Mapping user mapping method can monitor which two types of environments? (Choose two.) A. Citrix B. Microsoft terminal servers C. Exchange Servers D. Linux servers ✔✔A. Citrix B. Microsoft terminal servers The Windows User‐ID Agent can be installed on which two operating systems? (Choose two.) A. Linux B. Server 2016 C. XP D. Server 2008 ✔✔B. Server 2016 D. Server 2008 A Heatmap provides an adoption rate for which three features? (Choose three.) A. WildFire B. Traps C. File Blocking D. User‐ID E. SSL certificates F. authentication profiles ✔✔A. WildFire C. File Blocking D. User‐ID What are three Best Practice Assessment tool primary categories? (Choose three.) A. User‐IDB. Logging C. Vulnerability Protection D. Security E. Decryption F. DoS Protection ✔✔D. Security E. Decryption F. DoS Protection Which two security features normally do not achieve an adoption rate of 100%? (Choose two.) A. URL Filtering B. App‐ID C. Logging D. DNS Sinkhole ✔✔D. DNS Sinkhole A. URL Filtering Which type of file is used to generate the Heatmap report and the BPA report? A. Technical Support B. Configuration C. Statistics D. XML ✔✔A. Technical Support What are two components of the BPA tool? (Choose two.) A. Security Policy Adoption Heatmap B. BPA C. XML D. Security Policy ✔✔A. Security Policy Adoption Heatmap B. BPA The Palo Alto Networks Security Operating Platform is designed for which three purposes? (Choose three.)A. consume innovations quickly B. ensure compliance C. focus on what matters D. prevent successful cyberattacks ✔✔A. consume innovations quickly C. focus on what matters D. prevent successful cyberattacks Which item is not one of the six primary components of the Palo Alto Networks Security Operating Platform? A. Applications (Palo Alto Networks apps, third‐party apps, customer apps) B. Cloud‐Delivered Security Services C. WildFire D. Application Framework and Logging Service E. Network Security F. Advanced Endpoint Protection G. Cloud Security ✔✔C. WildFire Which cloud‐delivered security service provides instant access to community‐based threat data? A. Aperture B. AutoFocus C. Threat 42 D. Magnifier ✔✔B. AutoFocus - It provides instant access to community‐based threat data, enhanced with deep context and attribution from the Unit 42 threat research team A. Aperture C. Threat 42 - Unit 42 threat research team D. Magnifier - Magnifier behavioral analytics applies machine learning at a cloud scale to network, endpoint, and cloud data so that you can quickly find and stop targeted attacks, insider abuse, and compromised endpointsWhich cloud‐delivered security services provides security for branches and mobile users? A. MineMeld B. Magnifier C. Traps D. Global Protect ✔✔D. Global Protect Which Palo Alto Networks Security Operating Platform component provides access to apps from Palo Alto Networks, third parties, and customers? A. Applications (Palo Alto Networks apps, third‐party apps, customer apps) B. Cloud‐Delivered Security Services C. WildFire D. Application Framework E. Network Security F. Advanced Endpoint Protection G. Cloud Security ✔✔D. Application Framework Which Palo Alto Networks firewall feature provides all of the following abilities? Stops malware, exploits, and ransomware before they can compromise endpoints Provides protection while endpoints are online and offline, on network and off Coordinates enforcement with network and cloud security to prevent successful attacks Detects threats and automates containment to minimize impact Includes WildFire cloud‐based threat analysis service with your Traps subscription Integrates with the Palo Alto Networks Security Operating Platform A. Traps B. Aperture C. URL Filtering D. WildFire E. GlobalProtect F. AutoFocus ✔✔A. TrapsWhich management features does the control plane provide? (Choose three.) A. security processing B. logging C. reporting D. firewall configuration E. signature matching F. network processing ✔✔B. logging C. reporting D. firewall configuration Which three data processing features does the data plane provide? (Choose three.) A. network processing B. security processing C. signature matching D. firewall configuration E. logging F. reporting ✔✔A. network processing B. security processing C. signature matching What are three components of the Network Processing module? (Choose three.) A. QoS B. NAT C. App‐ID D. flow control E. url match F. spyware ✔✔A. QoS B. NAT D. flow controlWhich approach most accurately defines the Palo Alto Networks SP3 architecture? A. prioritize first B. sequential processing C. scan it all, scan it once D. zero trust segmentation platform ✔✔C. scan it all, scan it once What is the result of using a stream‐based design of architecture? A. superior performance B. increased latency C. superior latency D. increased functionality ✔✔A. superior performance Palo Alto Networks has reduced latency enormously, using the Single‐Pass Parallel Processing (SP3) architecture, which combines two complementary components: ✔✔Single‐Pass Software Parallel Processing Hardware Which security model does Palo Alto Networks recommend that you deploy? A. separation‐of‐trust B. Zero Trust C. trust‐then‐verify D. never trust ✔✔B. Zero Trust The Zero Trust model is implemented to specifically address which type of traffic? A. east‐west B. north‐south C. left‐right D. up‐down ✔✔A. east‐west What are the three main concepts of Zero Trust? (Choose three.)A. All resources are accessed in a secure manner, regardless of location. B. Access control is on a "need‐to‐know" basis and is strictly enforced. C. Credentials need to be verified. D. All traffic is logged and inspected. E. Internal users are trusted implicitly. F. External users are trusted explicitly. ✔✔A. All resources are accessed in a secure manner, regardless of location. B. Access control is on a "need‐to‐know" basis and is strictly enforced. D. All traffic is logged and inspected. Which two statements are true about the Zero Trust model? (Choose two.) A. Traffic is inspected laterally. B. Traffic is inspected east‐west. C. Internal traffic is implicitly trusted. D. External traffic is implicitly trusted. ✔✔A. Traffic is inspected laterally. B. Traffic is inspected east‐west. Which three Palo Alto Networks products secure your network? (Choose three.) A. MineMerge B. Aperture C. URL filtering D. AutoMagnifier E. TrapContent F. WildFire ✔✔B. Aperture C. URL filtering F. WildFire True or false: Blocking just one stage in the Cyber‐Attack Lifecycle is all that is needed to protect a company's network from attack. A. True B. False ✔✔B. FalseWhat are two stages of the Cyber‐Attack Lifecycle? (Choose two.) A. Weaponization and delivery B. Manipulation C. Extraction D. Command and Control ✔✔A. Weaponization and delivery D. Command and Control Command and control be prevented through which two methods? (Choose two.) A. exploitation B. DNS Sinkholing C. URL filtering D. reconnaissance ✔✔B. DNS Sinkholing C. URL filtering Exploitation can be mitigated by which two actions? (Choose two.) A. keeping systems patched B. using local accounts C. blocking known and unknown vulnerability exploits on the endpoint D. providing admin credentials ✔✔A. keeping systems patched C. blocking known and unknown vulnerability exploits on the endpoint What are two firewall management methods? (Choose two.) A. CLI B. RDP C. VPN D. XML API ✔✔A. CLI D. XML API Which two devices are used to can connect a computer to the firewall for management purposes? (Choose two.)A. rollover cable B. serial cable C. RJ‐45 Ethernet cable D. USB cable ✔✔B. serial cable C. RJ‐45 Ethernet cable What is the default IP address on the MGT interfaces of a Palo Alto Networks firewall? A. 192.168.1.1 B. 192.168.1.254 C. 10.0.0.1 D. 10.0.0.254 ✔✔A. 192.168.1.1 What are the two default services that are available on the MGT interface? (Choose two.) A. HTTPS B. SSH C. HTTP D. Telnet ✔✔A. HTTPS B. SSH True or false. Service route traffic has Security policy rules applied against it. A. True B. False ✔✔A. True By default, the firewall uses the management interface to communicate with various servers including those for External Dynamic Lists, DNS, email, and Palo Alto Networks updates servers. Service routes are used so that the communication between the firewall and servers goes through the data ports on the data plane. These data ports require appropriate security policies before external servers can be accessed.Service routes may be used to forward which two traffic types out a data port? Choose two.) A. External Dynamic Lists B. MineMeld C. Skype D. Palo Alto Networks updates ✔✔A. External Dynamic Lists D. Palo Alto Networks updates Which plane does the running‐config reside on? A. Management B. Control C. Data D. Security ✔✔C. Data All configuration changes in a Palo Alto Networks firewall are done to a candidate configuration, which resides in memory on the control plane. A commit activates the changes since the last commit and installs the running configuration on the data plane, where it will become the running configuration. Which plane does the candidate config reside on? A. Management B. Control C. Data D. Security ✔✔B. Control All configuration changes in a Palo Alto Networks firewall are done to a candidate configuration, which resides in memory on the control plane. A commit activates the changes since the last commit and installs the running configuration on the data plane, where it will become the running configuration.Candidate config and running config files are saved as which file type? A. EXE B. TXT C. HTML D. XML E. RAR ✔✔D. XML Which command must be performed on the firewall to activate any changes? A. commit

[Show More]

Last updated: 3 years ago

Preview 1 out of 33 pages

Buy Now

Instant download

We Accept:

Preview image of PCNSA Questions and Answers Already Graded A+ document

Buy this document to get the full access instantly

Instant Download Access after purchase

Buy Now

Instant download

We Accept:

Report Copyright Violation

Also available in bundle (1)

Click Below to Access Bundle(s)

PCNSA BUNDLE. ALL QUESTIONS AND ANSWERS. DIFERENT VERSIONS OF EXAM QUESTIONS WITH ACCURATE ANSWERS. RATED A DOCS

ALL YOU NEED TO PASS THE PCNSA EXAMS. PCNSA BUNDLE. ALL QUESTIONS AND ANSWERS. DIFERENT VERSIONS OF EXAM QUESTIONS WITH ACCURATE ANSWERS. RATED A DOCS

By bundleHub Solution guider 3 years ago

$25