Free PCNSA Exam Braindumps

Which path in PAN-OS 10.0 displays the list of port-based security policy rules?

1. A. Policies> Security> Rule Usage> No App Specified
2. B. Policies> Security> Rule Usage> Port only specified
3. C. Policies> Security> Rule Usage> Port-based Rules
4. D. Policies> Security> Rule Usage> Unused Apps

Correct Answer: A
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/app-id/security-policy-rule-optimization/migrate-po

Which URL profiling action does not generate a log entry when a user attempts to access that URL?

1. A. Override
2. B. Allow
3. C. Block
4. D. Continue

Correct Answer: B

An administrator would like to protect against inbound threats such as buffer overflows and illegal code execution.
Which Security profile should be used?

1. A. Antivirus
2. B. URL filtering
3. C. Anti-spyware
4. D. Vulnerability protection

Correct Answer: C

You receive notification about a new malware that infects hosts An infection results in the infected host attempting to contact a command-and-control server Which Security Profile when applied to outbound Security policy rules detects and prevents this threat from establishing a command-and-control connection?

1. A. Antivirus Profile
2. B. Data Filtering Profile
3. C. Vulnerability Protection Profile
4. D. Anti-Spyware Profile

Correct Answer: D
Anti-Spyware Security Profiles block spyware on compromised hosts from trying to communicate with external command-and-control (C2) servers, thus enabling you to detect malicious traffic leaving the network from infected clients.

What allows a security administrator to preview the Security policy rules that match new application signatures?

1. A. Review Release Notes
2. B. Dynamic Updates-Review Policies
3. C. Dynamic Updates-Review App
4. D. Policy Optimizer-New App Viewer

Correct Answer: B
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/app-id/manage-new-app-ids-introduced-in-content