PCNSA Free Practice Test

What must be configured for the firewall to access multiple authentication profiles for external services to authenticate a non-local account?

1. A. authentication sequence
2. B. LDAP server profile
3. C. authentication server list
4. D. authentication list profile

Correct Answer: A

Which User Credential Detection method should be applied within a URL Filtering Security profile to check for the submission of a valid corporate username and the associated password?

1. A. Domain Credential
2. B. IP User
3. C. Group Mapping
4. D. Valid Username Detected Log Severity

Correct Answer: C

FILL IN THE BLANK
Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.) A- Untrust (Any) to DMZ (1.1.1.100), ssh - Allow

1. A. Untrust (Any) to Untrust (10.1.1.1), web-browsing -Allow
2. B. Untrust (Any) to Untrust (10.1.1.1), ssh -Allow
3. C. Untrust (Any)to DMZ (10.1.1.100. 10.1.1.101), ssh, web-browsing-Allow
4. D. Untrust (Any) to DMZ (1.1.1.100), web-browsing - Allow

Correct Answer: AE

Which three configuration settings are required on a Palo Alto networks firewall management interface?

1. A. default gateway
2. B. netmask
3. C. IP address
4. D. hostname
5. E. auto-negotiation

Correct Answer: ABC

Reference:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClN7CAK

Complete the statement. A security profile can block or allow traffic

1. A. on unknown-tcp or unknown-udp traffic
2. B. after it is matched by a security policy that allows traffic
3. C. before it is matched by a security policy
4. D. after it is matched by a security policy that allows or blocks traffic

Correct Answer: B
Security profiles are objects added to policy rules that are configured with an action of allow.