PCNSA Questions and Answers with Complete Solutions. Rated A

Document Content and Description Below

PCNSA Questions and Answers with Complete Solutions 1. The Palo Alto Networks Cybersecurity Portfolio focuses on which three principle technologies? (Choose three.) A. securing operations response... B. securing the enterprise C. securing third-party application access D. securing the cloud E. securing the internet of things ✔✔ABD 2. What are four components of the Palo Alto Networks Cybersecurity Portfolio? (Choose four.) A. Cortex DynamicDNS B. Wildfire C. Cortex XDR D. OpenConnect E. Prisma Access F. Autofocus ✔✔BCEF 3. Which cloud-delivered security service provides instant access to community-based threat data? A. Prisma Saas B. Autofocus C. Unit 42 D. Cortex XOR ✔✔B 4. Which cloud-delivered security service provides security and connectivity for branches and mobile users? A. Cortex XSOAR B. Cortex XORC. AutoFocus D. Prisma Access ✔✔D 5. Which Palo Alto Networks Cybersecurity Portfolio product provides access to applications from Palo Alto Networks, third parties, and customers? A. WildFire B. Cortex Data Lake C. Network Security D. Prisma Access ✔✔B 6. Which Palo Alto Networks firewall feature provides all the following abilities? • Stops malware, exploits, and ransomware before they can compromise endpoints • Provides protection while endpoints are online and offline, on network and off • Coordinates enforcement with network and cloud security to prevent successful attacks • Detects threats and automates containment to minimize impact • Creates zero-day malware signatures with cloud-based threat analysis • Integrates with Palo Alto Networks Cortex Data Lake A. Cortex XDR B. Prisma Saas C. WildFire D. AutoFocus ✔✔A 7. Which three management features does the Control Plane provide? (Choose three .) A. security processing B. logging C. reporting D. firewall configuration E. signature matching F. network processing ✔✔BCD8. Which three data processing features does the data plane provide? (Choose three .) A. security processing B. logging C. reporting D. firewall configuration E. signature matching F. network processing ✔✔AEF 9. What are three components of the Network Processing module? (Choose three.) A. QoS B. NAT C. App-ID D. flow control E. URL match F. spyware ✔✔ABD 10. Which approach most accurately defines the Palo Alto Networks SP3 architecture? A. prioritize first B. sequential processing C. scan it all, scan it once D. Zero Trust segmentation platform ✔✔C 11. What is the result of using a stream-based architectural design? A. superior performance B. increased latency C. detailed logging D. increased functionality ✔✔A 12. Which security model does Palo Alto Networks recommend that you deploy? A. separation-of-trustB. Zero Trust C. trust-then-verify D. never trust ✔✔B 13. The Zero Trust model is implemented to specifically inspect which type of traffic? A. east-west B. north-south C. left-right D. up-down ✔✔A 14. What are the three main concepts of Zero Trust? (Choose three.) A. All resources are accessed in a secure manner, regardless of location. B. Access control is on a "need-to-know" basis and is strictly enforced. C. Credentials need to be verified. D. All traffic is logged and inspected. E. Internal users are trusted implicitly . F. External users are trusted explicit ly. ✔✔ABD 15. Which two statements are true about the Zero Trust model? (Choose two.) A. Traffic is inspected laterally. B. Traffic is inspected east-west. C. Internal traffic is implicitly trusted. D. External traffic is implicitly trusted. ✔✔AB 16. Which three Palo Alto Networks products secure your network? (Choose three.) A. MineMerge B. Prisma Saas C. URL filtering D. Containers E. TrapContentF. Wildfire ✔✔BCF Page 33 17. True or false: Blockage of just one stage in the cyberattack lifecycle will protect a company's network from attack. A. true B. false ✔✔A 18. What are two stages of the cyberattack lifecycle? (Choose two.) A. weaponization and delivery B. manipulation C. extraction D. command and control ✔✔AD 19. Command and control can be prevented through which two methods? (Choose two.) A. exploitation B. DNS Sinkholing C. URL filtering D. reconnaissance ✔✔BC 20. Exploitation can be mitigated by which two actions? (Choose two.) A. keeping systems patched B. using local accounts C. blocking known and unknown vulnerability exploits on the endpoint D. providing admin credentials ✔✔AC 21. What are two firewall management methods? (Choose two.) A. CLI B. RDP C. VPND. XML API ✔✔AD 22. Which two devices are used to connect a computer to the firewall for management purposes? (Choose two.) A. rollover cable B. serial cable C. RJ-45 Ethernet cable D. USB cable ✔✔BC 23. What is the default IP address on the MGT interfaces of a Palo Alto Networks firewall? A. 192.168.1.1 B. 1 92.168.1.254 C. 10.0.0.1 D. 10.0.0.254 ✔✔A 24. What are the two default services that are available on the MGT interface? (Choose two.) A. HTTPS B. SSH C. HTTP D. Telnet ✔✔AB Page 39 25. True or false. Service route traffic has Security policy rules applied against it. A. true B. false ✔✔A 26. Service routes may be used to forward which two traffic types out of a data port? (Choose two.) A. External Dynamic Lists B. MineMeldC. Skype D. Palo Alto Networks updates ✔✔AD Page 45 27. Which firewall plane does the running-configuration reside on? A. management B. control C. data D. security ✔✔C 28. Which firewall plane does the candidate configuration reside on? A. management B. control C. data D. security ✔✔B 29. Candidate config and running config files are saved as which file type? A. TXT B. HTML C. XML D. RAR ✔✔C 30. Which command must be performed on the firewall to activate any changes? A. commit B. save C. load D. import ✔✔A 31. Which command backs up configuration files to a remote network device? A. importB. load C. copy D. export ✔✔D 32. The command load named configuration snapshot overwrites the current candidate configuration with which three items? (Choose three .) A. custom-named candidate configuration snapshot (instead of the default snapshot) B. custom-named running configuration that you imported C. snapshot .xml D. current running configuration (running-config.xml) E. Palo Alto Networks updates ✔✔ABD 33. What is the shortest time interval that you can configure a Palo Alto Networks firewall to download WildFire updates? A. 1 minute B. 5 minutes C. 15 minutes D. 60 minutes ✔✔A 34. What is the publishing interval for WildFire updates, with a valid WildFire license? A. 1 minute B. 5 minutes C. 15 minutes D. 60 minutes ✔✔B Page 58 35. True or false. A Palo Alto Networks firewall automatically provides a backup of the configuration during a software upgrade [Show More]

Last updated: 1 year ago

Preview 1 out of 26 pages