Practice Exams:

Free PCNSA Exam Braindumps

Pass your Palo Alto Networks Certified Network Security Administrator exam with these free Questions and Answers

Page 3 of 58
PDF with 287 Questions
QUESTION 6

The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

  1. A. Create an anti-spyware profile and enable DNS Sinkhole
  2. B. Create an antivirus profile and enable DNS Sinkhole
  3. C. Create a URL filtering profile and block the DNS Sinkhole category
  4. D. Create a security policy and enable DNS Sinkhole

Correct Answer: A

QUESTION 7

You receive notification about new malware that is being used to attack hosts The malware exploits a software bug in a common application
Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

  1. A. Data Filtering Profile applied to outbound Security policy rules
  2. B. Antivirus Profile applied to outbound Security policy rules
  3. C. Data Filtering Profile applied to inbound Security policy rules
  4. D. Vulnerability Profile applied to inbound Security policy rules

Correct Answer: B

QUESTION 8

Which feature would be useful for preventing traffic from hosting providers that place few restrictions on content, whose services are frequently used by attackers to distribute illegal or unethical material?

  1. A. Palo Alto Networks Bulletproof IP Addresses
  2. B. Palo Alto Networks C&C IP Addresses
  3. C. Palo Alto Networks Known Malicious IP Addresses
  4. D. Palo Alto Networks High-Risk IP Addresses

Correct Answer: A
To block hosts that use bulletproof hosts to provide malicious, illegal, and/or unethical content, use the bulletproof IP address list in policy.
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/content-inspection-features/edl-for-bulletpro

QUESTION 9

Why does a company need an Antivirus profile?

  1. A. To prevent command-and-control traffic
  2. B. To protect against viruses, worms, and trojans
  3. C. To prevent known exploits
  4. D. To prevent access to malicious web content

Correct Answer: B

QUESTION 10

An administrator is troubleshooting an issue with traffic that matches the intrazone-default rule, which is set to default configuration.
What should the administrator do?

  1. A. change the logging action on the rule
  2. B. review the System Log
  3. C. refresh the Traffic Log
  4. D. tune your Traffic Log filter to include the dates

Correct Answer: A

Page 3 of 58
PDF with 287 Questions

Post your Comments and Discuss Paloalto-Networks PCNSA exam with other Community members: