PCNSA Dumps

PCNSA Free Practice Test

Paloalto-Networks PCNSA: Palo Alto Networks Certified Network Security Administrator

QUESTION 41

Which administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact and command-and-control (C2) server.
Which security profile components will detect and prevent this threat after the firewall`s signature database has been updated?

Correct Answer: C

QUESTION 42

Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

Correct Answer: B

QUESTION 43

Which type of security rule will match traffic between the Inside zone and Outside zone, within the Inside zone, and within the Outside zone?

Correct Answer: D
References:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClomCAC

QUESTION 44

An administrator would like to apply a more restrictive Security profile to traffic for file sharing applications. The administrator does not want to update the Security policy or object when new applications are released.
Which object should the administrator use as a match condition in the Security policy?

Correct Answer: D

QUESTION 45

How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?

Correct Answer: D