최신 PCNSA 무료덤프 - Palo Alto Networks Certified Network Security Administrator

문제1

You must configure which firewall feature to enable a data-plane interface to submit DNS queries on behalf of the control plane?

A. virtual router

B. DNS proxy

C. service route

D. Admin Role profile

정답: D

문제2

Which action related to App-ID updates will enable a security administrator to view the existing security policy rule that matches new application signatures?

A. Pre-analyze

B. Review Policies

C. Review Apps

D. Review App Matches

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

A network administrator creates an intrazone security policy rule on a NGFW. The source zones are set to IT.
Finance, and HR.
To which two types of traffic will the rule apply? (Choose two.)

A. Between zone IT and zone HR

B. Between zone IT and zone Finance

C. Within zone IT

D. Within zone HR

정답: C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

URL categories can be used as match criteria on which two policy types? (Choose two.)

A. authentication

B. decryption
C application override

C. NAT

정답: A,B

문제5

After making multiple changes to the candidate configuration of a firewall, the administrator would like to start over with a candidate configuration that matches the running configuration.
Which command in Device > Setup > Operations would provide the most operationally efficient way to accomplish this?

A. Import named config snapshot

B. Revert to running configuration

C. Revert to last saved configuration

D. Load named configuration snapshot

정답: B

문제6

Given the screenshot, what are two correct statements about the logged traffic? (Choose two.)

A. The web session was unsuccessfully decrypted.

B. The traffic was denied by URL filtering.

C. The web session was decrypted.

D. The traffic was denied by security profile.

정답: C

문제7

What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

A. authentication server list

B. authentication list profile

C. authentication sequence

D. LDAP server profile

정답: C

문제8

Which Palo Alto network security operating platform component provides consolidated policy creation and centralized management?

A. AutoFocus

B. Prisma SaaS

C. Panorama

D. GlobalProtect

정답: C

문제9

Given the topology, which zone type should you configure for firewall interface E1/1?

A. Layer3

B. Tap

C. Tunnel

D. Virtual Wire

정답: B

문제10

Which type of profile must be applied to the Security policy rule to protect against buffer overflows illegal code execution and other attempts to exploit system flaws?

A. file blocking

B. URL filtering

C. vulnerability protection

D. anti-spyware

정답: C

문제11

Which two rule types allow the administrator to modify the destination zone? (Choose two )

A. intrazone

B. shadowed

C. interzone

D. universal

정답: C,D

문제12

Which three filter columns are available when setting up an Application Filter? (Choose three.)

A. Parent App

B. Risk

C. Subcategory

D. Standard Ports

E. Category

정답: B,C,E

설명: (DumpTOP 회원만 볼 수 있음)

최신 PCNSA 무료덤프 - Palo Alto Networks Certified Network Security Administrator

우리와 연락하기

유용한 링크

최신 업데이트