PCNSA Free Practice Test

An administrator would like to override the default deny action for a given application and instead would like to block the traffic and send the ICMP code "communication with the destination is administratively prohibited"
Which security policy action causes this?

1. A. Drop
2. B. Drop, send ICMP Unreachable
3. C. Reset both
4. D. Reset server

Correct Answer: B

What is a function of application tags?

1. A. creation of new zones
2. B. application prioritization
3. C. automated referenced applications in a policy
4. D. IP address allocations in DHCP

Correct Answer: C

Which URL profiling action does not generate a log entry when a user attempts to access that URL?

1. A. Override
2. B. Allow
3. C. Block
4. D. Continue

Correct Answer: B

Which type of address object is www.paloaltonetworks.com?

1. A. IP range
2. B. IP netmask
3. C. named address
4. D. FQDN

Correct Answer: D

Which three types of authentication services can be used to authenticate user traffic flowing through the firewalls data plane? (Choose three )

1. A. TACACS
2. B. SAML2
3. C. SAML10
4. D. Kerberos
5. E. TACACS+

Correct Answer: ABD