PCNSA Free Practice Test

How many zones can an interface be assigned with a Palo Alto Networks firewall?

1. A. two
2. B. three
3. C. four
4. D. one

Correct Answer: D

Which update option is not available to administrators?

1. A. New Spyware Notifications
2. B. New URLs
3. C. New Application Signatures
4. D. New Malicious Domains
5. E. New Antivirus Signatures

Correct Answer: B

Which operations are allowed when working with App-ID application tags?

1. A. Predefined tags may be deleted.
2. B. Predefined tags may be augmented by custom tags.
3. C. Predefined tags may be modified.
4. D. Predefined tags may be updated by WildFire dynamic updates.

Correct Answer: B

What is a recommended consideration when deploying content updates to the firewall from Panorama?

1. A. Before deploying content updates, always check content release version compatibility.
2. B. Content updates for firewall A/P HA pairs can only be pushed to the active firewall.
3. C. Content updates for firewall A/A HA pairs need a defined master device.
4. D. After deploying content updates, perform a commit and push to Panorama.

Correct Answer: D
Reference:https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/manage-licenses-and-updates/deploy-updates-to-firewalls-log-collectors-and-wildfire-appliances-using-panorama/schedule-a-content-update-using-panorama.html

Which option lists the attributes that are selectable when setting up an Application filters?

1. A. Category, Subcategory, Technology, and Characteristic
2. B. Category, Subcategory, Technology, Risk, and Characteristic
3. C. Name, Category, Technology, Risk, and Characteristic
4. D. Category, Subcategory, Risk, Standard Ports, and Technology

Correct Answer: B
Explanation/Reference: Reference:
https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-web-interface-help/objects/objects- application- filters