PCNSA Exam Sample Questions Answers

Question No 1:

Employees are shown an application block page when they try to access YouTube. Which security policy is blocking the YouTube application?

A. intrazone-default
B. Deny Google
C. allowed-security services
D. interzone-default

Answer: D

Question No 2:

Which User-ID agent would be appropriate in a network with multiple WAN links, limited network bandwidth, and limited firewall management plane resources?

A. Windows-based agent deployed on the internal network
B. PAN-OS integrated agent deployed on the internal network
C. Citrix terminal server deployed on the internal network
D. Windows-based agent deployed on each of the WAN Links

Answer: A

Question No 3:

How many zones can an interface be assigned with a Palo Alto Networks firewall?

A. two
B. three
C. four
D. one

Answer: D

Question No 4:

When creating a Source NAT policy, which entry in the Translated Packet tab will display the options Dynamic IP and Port, Dynamic, Static IP, and None?

A. Translation Type
B. Interface
C. Address Type
D. IP Address

Answer: A

Question No 5:

Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. Complete the security policy to ensure only Telnet is allowed. Security Policy: Source Zone: Internal to DMZ Zone services “Application defaults”, and action = Allow

A. Destination IP: 192.168.1.123/24
B. Application = ‘Telnet’
C. Log Forwarding
D. USER-ID = ‘Allow users in Trusted’

Answer: B

Get PCNSA exam questions to pass exam.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *