PCNSA Free Practice Test

Starting with PAN-OS version 9.1, application dependency information is now reported in which two locations? (Choose two.)

1. A. on the App Dependency tab in the Commit Statuswindow
2. B. on the Policy Optimizer'sRule UsagepageC ontheApplication tab in the Security Policy Rulecreation window
3. C. ontheObjects>Applicationsbrowser pages

Correct Answer: AC

Reference:https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app-id/use-application-objects-in-policy/resolve-application-dependencies.html

Within an Anti-Spyware security profile, which tab is used to enable machine learning based engines?

1. A. Inline Cloud Analysis
2. B. Signature Exceptions
3. C. Machine Learning Policies
4. D. Signature Policies

Correct Answer: A
✑ An Anti-Spyware security profile is a set of rules that defines how the firewall detects and prevents spyware from compromising hosts on the network. Spyware is a type of malware that collects information from the infected system, such as keystrokes, browsing history, or personal data, and sends it to an external command-and-control (C2) server1.
✑ An Anti-Spyware security profile consists of four tabs: Signature Policies, Signature Exceptions, Machine Learning Policies, and Inline Cloud Analysis1.
✑ The Signature Policies tab allows you to configure the actions and log settings for each spyware signature category, such as adware, botnet, keylogger, phishing, or worm. You can also enable DNS Security to block malicious DNS queries and responses1.
✑ The Signature Exceptions tab allows you to create exceptions for specific spyware signatures that you want to override the default action or log settings. For example, you can allow a signature that is normally blocked by the profile, or block a signature that is normally alerted by the profile1.
✑ The Machine Learning Policies tab allows you to configure the actions and log settings for machine learning based signatures that detect unknown spyware variants. You can also enable WildFire Analysis to submit unknown files to the cloud for further analysis1.
✑ The Inline Cloud Analysis tab allows you to enable machine learning based engines that detect unknown spyware variants in real time. These engines use cloud-based models to analyze the behavior and characteristics of network traffic and identify malicious patterns. You can enable inline cloud analysis for HTTP/HTTPS traffic, SMTP/SMTPS traffic, or IMAP/IMAPS traffic1.
Therefore, the tab that is used to enable machine learning based engines is the Inline
Cloud Analysis tab. References:
1: Security Profile: Anti-Spyware - Palo Alto Networks

An administrator is configuring a NAT rule
At a minimum, which three forms of information are required? (Choose three.)

1. A. name
2. B. source zone
3. C. destination interface
4. D. destination address
5. E. destination zone

Correct Answer: BDE

In the example security policy shown, which two websites fcked? (Choose two.)

1. A. LinkedIn
2. B. Facebook
3. C. YouTube
4. D. Amazon

Correct Answer: AB

The compliance officer requests that all evasive applications need to be blocked on all perimeter firewalls out to the internet The firewall is configured with two zones;
* 1. trust for internal networks
* 2. untrust to the internet
Based on the capabilities of the Palo Alto Networks NGFW, what are two ways to configure a security policy using App-ID to comply with this request? (Choose two )

1. A. Create a deny rule at the top of the policy from trust to untrust with service application- default and add an application filter with the evasive characteristic
2. B. Create a deny rule at the top of the policy from trust to untrust over any service and select evasive as the application
3. C. Create a deny rule at the top of the policy from trust to untrust with service application- default and select evasive as the application
4. D. Create a deny rule at the top of the policy from trust to untrust over any service and add an application filter with the evasive characteristic

Correct Answer: AD