PCNSA Free Practice Test

You receive notification about new malware that is being used to attack hosts The malware exploits a software bug in a common application
Which Security Profile detects and blocks access to this threat after you update the firewall's threat signature database?

1. A. Data Filtering Profile applied to outbound Security policy rules
2. B. Antivirus Profile applied to outbound Security policy rules
3. C. Data Filtering Profile applied to inbound Security policy rules
4. D. Vulnerability Profile applied to inbound Security policy rules

Correct Answer: B

After making multiple changes to the candidate configuration of a firewall, the administrator would like to start over with a candidate configuration that matches the running configuration.
Which command in Device > Setup > Operations would provide the most operationally efficient way to accomplish this?

1. A. Import named config snapshot
2. B. Load named configuration snapshot
3. C. Revert to running configuration
4. D. Revert to last saved configuration

Correct Answer: C

Which stage of the cyber-attack lifecycle makes it important to provide ongoing education to users on spear phishing links, unknown emails, and risky websites?

1. A. reconnaissance
2. B. delivery
3. C. exploitation
4. D. installation

Correct Answer: B
Weaponization and Delivery: Attackers will then determine which methods to use in order to deliver malicious payloads. Some of the methods they might utilize are automated tools, such as exploit kits, spear phishing attacks with malicious links, or attachments and malvertizing.
Gain full visibility into all traffic, including SSL, and block high-risk applications. Extend those protections to remote and mobile devices.
Protect against perimeter breaches by blocking malicious or risky websites through URL filtering.
Block known exploits, malware and inbound command-and-control communications using multiple threat prevention disciplines, including IPS, anti-malware, anti-CnC, DNS monitoring and sinkholing, and file and content blocking.
Detect unknown malware and automatically deliver protections globally to thwart new attacks.
Provide ongoing education to users on spear phishing links, unknown emails, risky websites, etc.
https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle

Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. Complete the security policy to ensure only Telnet is allowed.
Security Policy: Source Zone: Internal to DMZ Zone services “Application defaults”, and action = Allow

1. A. Destination IP: 192.168.1.123/24
2. B. Application = ‘Telnet’
3. C. Log Forwarding
4. D. USER-ID = ‘Allow users in Trusted’

Correct Answer: B

Which service protects cloud-based applications such as Dropbox and Salesforce by administering permissions and scanning files for sensitive information?

1. A. Aperture
2. B. AutoFocus
3. C. Parisma SaaS
4. D. GlobalProtect

Correct Answer: C