PCNSA Exam Questions & Answers
A client downloads a malicious file from the internet. The Palo Alto firewall has a valid
WildFire subscription. The Security policy rule shown above matches the client HTTP session:
Whi
...
PCNSA Exam Questions & Answers
A client downloads a malicious file from the internet. The Palo Alto firewall has a valid
WildFire subscription. The Security policy rule shown above matches the client HTTP session:
Which three actions take place when the firewall's Content-ID engine detects a virus in the file
and the decoder action is set to "block"? (Choose three.) - ✔✔A threat log entry is generated.
The file download is terminated.
The client receives a block page.
A company has a pair of PA-3050s running PAN-OS 6.0.4. Antivirus, Threat Prevention, and
URL Filtering Profiles are in place and properly configured on both inbound and outbound
policies. A Security Operation Center (SOC) engineer starts his shift and faces the traffic logs
presented in the screenshot shown above. He notices that the traffic is being allowed outbound.
Which actions should the SOC engineer take to safely allow known but not yet qualified
applications, without disrupting the remaining traffic policies? - ✔✔Create Application Override
policies after a packet capture to identify the applications that are triggering the "unknown-tcp".
Then create new custom applications for those policies, and add these new policies above the
current policy that allows the traffic.
A company has a Palo Alto Networks firewall configured with the following three zones:
Internet DMZ Inside. All users are located on the Inside zone and are using public DNS servers
for name resolution. The company hosts a publicly accessible web application on a server in the
DMZ zone. Which NAT rule configuration will allow users on the Inside zone to access the web
application using its public IP address? - ✔✔Three zone U-turn NAT
A company has a Palo Alto Networks firewall configured with the following three zones:
Untrust-L3 DMZ Trust-L3. The company hosts a publicly accessible web application on a server
that resides in the Trust-L3 zone. The web server is associated with the following IP addresses:
Web Server Public IP: 2.2.2.1/24 , Web Server Private IP: 192.168.1.10/24 . The security
administrator configures the following two-zone U-Turn NAT rule to allow users using
10.10.1.0/24 on the "Trust-L3" zone to access the web server using its public IP address in the
Untrust-L3 zone: Which statement is true in this situation? - ✔✔The traffic will be considered
intra-zone based on the translated destination zone.
A company is deploying a pair of PA-50
[Show More]
.png)
