[Sep 16, 2024] Palo Alto Networks PCNSA Exam Dumps Files, Q1/303: An administrator receives a global notification for a new malware that infects hosts. The infection will

Join the discussion

Question 1/303

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command-and-control (C2) server. Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

A. vulnerability protection profile applied to outbound security policies

B. anti-spyware profile applied to outbound security policies

C. antivirus profile applied to outbound security policies

D. URL filtering profile applied to outbound security policies

Add Comments

Other Question (303q): Q1. An administrator receives a global notification for a new malware that infects hosts. The ...; Q2. During the packet flow process, which two processes are performed in application identific...; Q3. When creating a Source NAT policy, which entry in the Translated Packet tab will display t...; Q4. The Net Sec Manager asked to create a new Firewall Operator profile with customized privil...; Q5. Which statement is true regarding a Best Practice Assessment?...; Q6. Which data-plane processor layer of the graphic shown provides uniform matching for spywar...; Q7. In the example security policy shown, which two websites fcked? (Choose two.) (Exhibit)...; Q8. Given the topology, which zone type should you configure for firewall interface E1/1?...; Q9. Which feature would be useful for preventing traffic from hosting providers that place few...; Q10. Which action related to App-ID updates will enable a security administrator to view the ex...; Q11. In a security policy what is the quickest way to rest all policy rule hit counters to zero...; Q12. An administrator receives a global notification for a new malware that infects hosts. The ...; Q13. What is the function of an application group object?...; Q14. An administrator is trying to understand which NAT policy is being matched. In what order ...; Q15. Selecting the option to revert firewall changes will replace what settings?...; Q16. Drag and Drop Question Place the following steps in the packet processing order of operati...; Q17. Based on the security policy rules shown, ssh will be allowed on which port? (Exhibit)...; Q18. You must configure which firewall feature to enable a data-plane interface to submit DNS q...; Q19. Which interface does not require a MAC or IP address?...; Q20. Which type of security rule will match traffic between the Inside zone and Outside zone, w...; Q21. Which administrator type provides more granular options to determine what the administrato...; Q22. What are the two default behaviors for the intrazone-default policy? (Choose two.)...; Q23. Which type of address object is "10 5 1 1/0 127 248 2"?...; Q24. Place the following steps in the packet processing order of operations from first to last....; Q25. Which stage of the cyber-attack lifecycle makes it important to provide ongoing education ...; Q26. Where in Panorama Would Zone Protection profiles be configured?...; Q27. Which parameter is used to view the Security policy rulebase as groups?...; Q28. How does an administrator schedule an Applications and Threats dynamic update while delayi...; Q29. Given the screenshot what two types of route is the administrator configuring? (Choose two...; Q30. Based on the show security policy rule would match all FTP traffic from the inside zone to...; Q31. Arrange the correct order that the URL classifications are processed within the system. (E...; Q32. Which three types of entries can be excluded from an external dynamic list (EDL)? (Choose ...; Q33. What is the main function of Policy Optimizer?...; Q34. An administrator wants to prevent access to media content websites that are risky. Which t...; Q35. Which User Credential Detection method should be applied within a URL Filtering Security p...; Q36. Which objects would be useful for combining several services that are often defined togeth...; Q37. When creating a Panorama administrator type of Device Group and Template Admin, which two ...; Q38. Given the topology, which zone type should zone A and zone B to be configured with? (Exhib...; Q39. The compliance officer requests that all evasive applications need to be blocked on all pe...; Q40. Match the Palo Alto Networks Security Operating Platform architecture to its description. ...; Q41. The CFO found a USB drive in the parking lot and decide to plug it into their corporate la...; Q42. Which order of steps is the correct way to create a static route?...; Q43. Your company is highly concerned with their Intellectual property being accessed by unauth...; Q44. To enable DNS sinkholing, which two addresses should be reserved? (Choose two.)...; Q45. A network administrator created an intrazone Security policy rule on the firewall. The sou...; Q46. An administrator is reviewing another administrator's Security policy log settings. Which ...; Q47. What does an administrator use to validate whether a session is matching an expected NAT p...; Q48. Which action would an administrator take to ensure that a service object will be available...; Q49. Based on the security policy rules shown, ssh will be allowed on which port? (Exhibit)...; Q50. Match the Cyber-Attack Lifecycle stage to its correct description. (Exhibit)...; Q51. You receive notification about new malware that is being used to attack hosts. The malware...; Q52. Which URL Filtering profile action would you set to allow users the option to access a sit...; Q53. Which path in PAN-OS 10.2 is used to schedule a content update to managed devices using Pa...; Q54. Match the network device with the correct User-ID technology. (Exhibit)...; Q55. A coworker found a USB labeled "confidential in the parking lot. They inserted the drive a...; Q56. A company moved its old port-based firewall to a new Palo Alto Networks NGFW 60 days ago. ...; Q57. Access to which feature requires the PAN-OS Filtering license?...; Q58. An administrator needs to create a Security policy rule that matches DNS traffic within th...; Q59. Match the network device with the correct User-ID technology. (Exhibit)...; Q60. Order the steps needed to create a new security zone with a Palo Alto Networks firewall. (...; Q61. Which three configuration settings are required on a Palo Alto networks firewall managemen...; Q62. Which data-plane processor layer of the graphic shown provides uniform matching for spywar...; Q63. In order to fulfill the corporate requirement to backup the configuration of Panorama and ...; Q64. What is a default setting for NAT Translated Packets when the destination NAT translation ...; Q65. An administrator wishes to follow best practices for logging traffic that traverses the fi...; Q66. Which Security profile can you apply to protect against malware such as worms and Trojans?...; Q67. Your company occupies one floor in a single building. You have two Active Directory domain...; Q68. Match the Cyber-Attack Lifecycle stage to its correct description. (Exhibit)...; Q69. At which stage of the cyber-attack lifecycle would the attacker attach an infected PDF fil...; Q70. Which administrator type utilizes predefined roles for a local administrator account?...; Q71. Which option shows the attributes that are selectable when setting up application filters?...; Q72. Which path in PAN-OS 9.0 displays the list of port-based security policy rules?...; Q73. Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. C...; Q74. Based on the shown security policy, which Security policy rule would match all FTP traffic...; Q75. Which statement is true regarding a Best Practice Assessment?...; Q76. In a security policy what is the quickest way to rest all policy rule hit counters to zero...; Q77. Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can ini...; Q78. (Exhibit) Given the detailed log information above, what was the result of the firewall tr...; Q79. Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone. C...; Q80. An administrator is updating Security policy to align with best practices. (Exhibit) Which...; Q81. Based on the graphic, what is the purpose of the SSL/TLS Service profile configuration opt...; Q82. The firewall sends employees an application block page when they try to access Youtube. Wh...; Q83. During the packet flow process, which two processes are performed in application identific...; Q84. (Exhibit) Given the network diagram, traffic should be permitted for both Trusted and Gues...; Q85. Which table for NAT and NPTv6 (IPv6-to-IPv6 Network Prefix Translation) settings is availa...; Q86. Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the...; Q87. Which license must an Administrator acquire prior to downloading Antivirus Updates for use...; Q88. An administrator needs to allow users to use their own office applications. How should the...; Q89. Which object would an administrator create to enable access to all applications in the off...; Q90. Which three factors can be used to create malware based on domain generation algorithms? (...; Q91. Which two statements are true for the DNS Security service introduced in PAN-OS version 10...; Q92. An administrator has configured a Security policy where the matching condition includes a ...; Q93. With the PAN-OS 11.0 release, which tab becomes newly available within the Vulnerability s...; Q94. Access to which feature requires the PAN-OS Filtering license?...; Q95. What do dynamic user groups you to do?; Q96. In which two Security Profiles can an action equal to the block IP feature be configured? ...; Q97. Based on the security policy rules shown, ssh will be allowed on which port? (Exhibit)...; Q98. Which CLI command will help confirm if FQDN objects are resolved in the event there is a s...; Q99. Which user mapping method could be used to discover user IDs in an environment with multip...; Q100. What are three Palo Alto Networks best practices when implementing the DNS Security Servic...; Q101. What are three configurable interface types for a data-plane ethernet interface? (Choose t...; Q102. How many zones can an interface be assigned with a Palo Alto Networks firewall?...; Q103. An administrator wants to prevent access to media content websites that are risky. Which t...; Q104. What is the purpose of the automated commit recovery feature?...; Q105. An administrator wants to reference the same address object in Security policies on 100 Pa...; Q106. Which type of security rule will match traffic between the Inside zone and Outside zone, w...; Q107. What is considered best practice with regards to committing configuration changes?...; Q108. In which two types of NAT can oversubscription be used? (Choose two.)...; Q109. Which Security policy action will message a user's browser that their web session has been...; Q110. What is considered best practice with regards to committing configuration changes?...; Q111. Match the network device with the correct User-ID technology. (Exhibit)...; Q112. Which User-ID mapping method should be used for an environment with clients that do not au...; Q113. Drag and Drop Question Match the Palo Alto Networks Security Operating Platform architectu...; Q114. Which two features can be used to tag a username so that it is included in a dynamic user ...; Q115. Which firewall feature do you need to configure to query Palo Alto Networks service update...; Q116. In the PAN-OS Web Interface, which is a session distribution method offered under NAT Tran...; Q117. Match the Palo Alto Networks Security Operating Platform architecture to its description. ...; Q118. Place the following steps in the packet processing order of operations from first to last....; Q119. An administrator is reviewing the Security policy rules shown in the screenshot. (Exhibit)...; Q120. (Exhibit) Based on the network diagram provided, which two statements apply to traffic bet...; Q121. Which data-plane processor layer of the graphic shown provides uniform matching for spywar...; Q122. Which security policy rule would be needed to match traffic that passes between the Outsid...; Q123. An address object of type IP Wildcard Mask can be referenced in which part of the configur...; Q124. Which data flow direction is protected in a zero trust firewall deployment that is not pro...; Q125. Which type firewall configuration contains in-progress configuration changes?...; Q126. Assume a custom URL Category Object of "NO-FILES" has been created to identify a specific ...; Q127. Match the Cyber-Attack Lifecycle stage to its correct description. (Exhibit)...; Q128. Which security policy rule would be needed to match traffic that passes between the Outsid...; Q129. Which order of steps is the correct way to create a static route?...; Q130. Which URL Filtering Profile action does not generate a log entry when a user attempts to a...; Q131. Drag and Drop Question Place the following steps in the packet processing order of operati...; Q132. What is a function of application tags?; Q133. Which path in PAN-OS 10.0 displays the list of port-based security policy rules?...; Q134. Which object would an administrator create to block access to all high-risk applications?...; Q135. Which component provides network security for mobile endpoints by inspecting traffic route...; Q136. Given the topology, which zone type should zone A and zone B to be configured with? (Exhib...; Q137. Which URL profiling action does not generate a log entry when a user attempts to access th...; Q138. Which two firewall components enable you to configure SYN flood protection thresholds? (Ch...; Q139. When creating a Source NAT policy, which entry in the Translated Packet tab will display t...; Q140. An administrator would like to create a URL Filtering log entry when users browse to any g...; Q141. Employees are shown an application block page when they try to access YouTube. Which secur...; Q142. Based on the screenshot presented which column contains the link that when clicked opens a...; Q143. An administrator would like to override the default deny action for a given application, a...; Q144. An administrator would like to silently drop traffic from the internet to a ftp server. Wh...; Q145. A systems administrator momentarily loses track of which is the test environment firewall ...; Q146. Based on the screenshot presented which column contains the link that when clicked opens a...; Q147. An administrator manages a network with 300 addresses that require translation. The admini...; Q148. What must be configured for the firewall to access multiple authentication profiles for ex...; Q149. Place the steps in the correct packet-processing order of operations. (Exhibit)...; Q150. Which type of firewall configuration contains in-progress configuration changes?...; Q151. You have been tasked to configure access to a new web server located in the DMZ. Based on ...; Q152. Actions can be set for which two items in a URL filtering security profile? (Choose two.)...; Q153. Complete the statement. A security profile can block or allow traffic____________...; Q154. You notice that protection is needed for traffic within the network due to malicious later...; Q155. How does the Policy Optimizer policy view differ from the Security policy view?...; Q156. Which two security profile types can be attached to a security policy? (Choose two.)...; Q157. Based on the graphic, what is the purpose of the SSL/TLS Service profile configuration opt...; Q158. Which two features can be used to tag a user name so that it is included in a dynamic user...; Q159. Given the screenshot, what two types of route is the administrator configuring? (Choose tw...; Q160. What is used to monitor Security policy applications and usage?...; Q161. Which two statements are true for the DNS security service introduced in PAN-OS version 9....; Q162. Drag and Drop Question Match each rule type with its example. (Exhibit)...; Q163. Which two statements are correct regarding multiple static default routes when they are co...; Q164. What are the two main reasons a custom application is created? (Choose two.)...; Q165. Match the network device with the correct User-ID technology. (Exhibit)...; Q166. What do you configure if you want to set up a group of objects based on their ports alone?...; Q167. Which action related to App-ID updates will enable a security administrator to view the ex...; Q168. Which service protects cloud-based applications such as Dropbox and Salesforce by administ...; Q169. Match the Cyber-Attack Lifecycle stage to its correct description. (Exhibit)...; Q170. Which two App-ID applications will need to be allowed to use Facebook-chat? (Choose two.)...; Q171. An administrator wants to prevent hacking attacks through DNS queries to malicious domains...; Q172. Place the steps in the correct packet-processing order of operations. (Exhibit)...; Q173. How are Application Filters or Application Groups used in firewall policy?...; Q174. The administrator profile "SYS01 Admin" is configured with authentication profile "Authent...; Q175. Refer to the exhibit. A web server in the DMZ is being mapped to a public address through ...; Q176. An administrator wishes to follow best practices for logging traffic that traverses the fi...; Q177. Match the Cyber-Attack Lifecycle stage to its correct description. (Exhibit)...; Q178. Prior to a maintenance-window activity, the administrator would like to make a backup of o...; Q179. Which statement is true about Panorama managed devices?...; Q180. How is the hit count reset on a rule?; Q181. What in the minimum frequency for which you can configure the firewall too check for new w...; Q182. What are the two ways to implement an exception to an external dynamic list? (Choose two.)...; Q183. When creating a Source NAT policy, which entry in the Translated Packet tab will display t...; Q184. Ethernet 2/1 has an IP Address of 10.0.1.2 in Zone 'trust' (LAN). If both interfaces are c...; Q185. Within the WildFire Analysis profile, which three items are configurable? (Choose three.)...; Q186. Which three statement describe the operation of Security Policy rules or Security Profiles...; Q187. Order the steps needed to create a new security zone with a Palo Alto Networks firewall. (...; Q188. What must exist in order for the firewall to route traffic between Layer 3 interfaces?...; Q189. Based on the show security policy rule would match all FTP traffic from the inside zone to...; Q190. An administrator wants to enable access to www.paloaltonetworks.com while denying access t...; Q191. Which action related to App-ID updates will enable a security administrator to view the ex...; Q192. Which dynamic update type includes updated anti-spyware signatures?...; Q193. In which threat profile object would you configure the DNS Security service?...; Q194. (Exhibit) An administrator is updating Security policy to align with best practices. Which...; Q195. An administrator receives a global notification for a new malware that infects hosts. The ...; Q196. In which profile should you configure the DNS Security feature?...; Q197. All users from the internal zone must be allowed only Telnet access to a server in the DMZ...; Q198. What must first be created on the firewall for SAML authentication to be configured?...; Q199. Which three configuration settings are required on a Palo Alto networks firewall managemen...; Q200. An administrator would like to override the default deny action for a given application an...; Q201. What are three valid source or D=destination conditions available as Security policy quali...; Q202. Which two security profile types can be attached to a security policy? (Choose two.)...; Q203. You notice that protection is needed for traffic within the network due to malicious later...; Q204. To what must an interface be assigned before it can process traffic?...; Q205. Which stage of the cyber-attack lifecycle makes it important to provide ongoing education ...; Q206. Which Security Profile can provide protection against ICMP floods, based on individual com...; Q207. Where within the URL Filtering security profile must a user configure the action to preven...; Q208. Refer to the exhibit. An administrator is using DNAT to map two servers to a single public...; Q209. An administrator wants to create a No-NAT rule to exempt a flow from the default NAT rule....; Q210. Based on the security policy rules shown, ssh will be allowed on which port? (Exhibit)...; Q211. A server-admin in the USERS-zone requires SSH-access to all possible servers in all curren...; Q212. Which type of administrator account cannot be used to authenticate user traffic flowing th...; Q213. Refer to the exhibit. A web server in the DMZ is being mapped to a public address through ...; Q214. Which two configuration settings shown are not the default? (Choose two.) (Exhibit)...; Q215. Given the scenario, which two statements are correct regarding multiple static default rou...; Q216. Drag and Drop Question Match the Cyber-Attack Lifecycle stage to its correct description. ...; Q217. An administrator is reviewing another administrator s Security policy log settings. Which ...; Q218. How do you reset the hit count on a security policy rule?...; Q219. Given the screenshot, what are two correct statements about the logged traffic? (Choose tw...; Q220. Place the steps in the correct packet-processing order of operations. (Exhibit)...; Q221. The Administrator profile "PCNSA Admin" is configured with an Authentication profile "Auth...; Q222. Based on the graphic which statement accurately describes the output shown in the server m...; Q223. Which two Palo Alto Networks security management tools provide a consolidated creation of ...; Q224. Based on the screenshot presented, which column contains the link that when clicked, opens...; Q225. Given the image, which two options are true about the Security policy rules. (Choose two.)...; Q226. At which point in the App-ID update process can you determine if an existing policy rule i...; Q227. In which profile should you configure the DNS Security feature?...; Q228. An administrator receives a global notification for a new malware that infects hosts. The ...; Q229. Which rule type is appropriate for matching traffic occurring within a specified zone?...; Q230. Which path is used to save and load a configuration with a Palo Alto Networks firewall?...; Q231. When creating an Admin Role profile, if no changes are made, which two administrative meth...; Q232. What are two valid selections within an Anti-Spyware profile? (Choose two.)...; Q233. Given the image, which two options are true about the Security policy rules. (Choose two.)...; Q234. The Port Mapping user mapping method can monitor which two types of environments? (Choose ...; Q235. Place the following steps in the packet processing order of operations from first to last....; Q236. Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can ini...; Q237. Review the Screenshot: (Exhibit) Given the network diagram, traffic must be permitted for ...; Q238. An administrator is investigating a log entry for a session that is allowed and has the en...; Q239. Which statement is true regarding a Best Practice Assessment?...; Q240. Arrange the correct order that the URL classifications are processed within the system. (E...; Q241. Which link in the web interface enables a security administrator to view the security poli...; Q242. Choose the option that correctly completes this statement. A Security Profile can block or...; Q243. Employees are shown an application block page when they try to access YouTube. Which secur...; Q244. During the packet flow process, which two processes are performed in application identific...; Q245. Match the cyber-attack lifecycle stage to its correct description. (Exhibit)...; Q246. Given the topology, which zone type should zone A and zone B to be configured with? (Exhib...; Q247. An administrator needs to add capability to perform real-time signature lookups to block o...; Q248. Prior to a maintenance-window activity, the administrator would like to make a backup of o...; Q249. Which statement is true regarding a Prevention Posture Assessment?...; Q250. Which two actions are needed for an administrator to get real-time WildFire signatures? (C...; Q251. What in the minimum frequency for which you can configure the firewall too check for new w...; Q252. Which two features can be used to tag a user name so that it is included in a dynamic user...; Q253. Which two features implement one-to-one translation of a source IP address while allowing ...; Q254. An administrator notices that protection is needed for traffic within the network due to m...; Q255. You receive notification about new malware that infects hosts through malicious files tran...; Q256. An administrator is trying to implement an exception to an external dynamic list manually....; Q257. Which two configuration settings shown are not the default? (Choose two.) (Exhibit)...; Q258. Given the cyber-attack lifecycle diagram identify the stage in which the attacker can run ...; Q259. Which two firewall components enable you to configure SYN flood protection thresholds? (Ch...; Q260. Arrange the correct order that the URL classifications are processed within the system. (E...; Q261. Which data flow direction is protected in a zero trust firewall deployment that is not pro...; Q262. Which two features can be used to tag a user name so that it is included in a dynamic user...; Q263. An administrator configured a Security policy rule where the matching condition includes a...; Q264. Order the steps needed to create a new security zone with a Palo Alto Networks firewall. (...; Q265. Why does a company need an Antivirus profile?; Q266. Complete the statement. A security profile can block or allow traffic....; Q267. Given the detailed log information above, what was the result of the firewall traffic insp...; Q268. Which Palo Alto Networks service protects cloud-based applications such as Dropbox and Sal...; Q269. Based on the graphic which statement accurately describes the output shown in the server m...; Q270. Based on the show security policy rule would match all FTP traffic from the inside zone to...; Q271. If users from the Trusted zone need to allow traffic to an SFTP server in the DMZ zone, ho...; Q272. How often are new and modified threat signatures and modified applications signatures publ...; Q273. Based on the screenshot what is the purpose of the included groups? (Exhibit)...; Q274. Which two components are utilized within the Single-Pass Parallel Processing architecture ...; Q275. What can be achieved by selecting a policy target prior to pushing policy rules from Panor...; Q276. (Exhibit) Given the network diagram, traffic should be permitted for both Trusted and Gues...; Q277. What are two differences between an implicit dependency and an explicit dependency in App-...; Q278. Which action can be performed when grouping rules by group tags?...; Q279. Based on the security policy rules shown, ssh will be allowed on which port? (Exhibit)...; Q280. Which Security profile can be used to detect and block compromised hosts from trying to co...; Q281. Order the steps needed to create a new security zone with a Palo Alto Networks firewall. (...; Q282. Which license must an Administrator acquire prior to downloading Antivirus Updates for use...; Q283. When creating a Source NAT policy, which entry in the Translated Packet tab will display t...; Q284. What is the main function of the Test Policy Match function?...; Q285. Based on the security policy rules shown, ssh will be allowed on which port? (Exhibit)...; Q286. Where within the URL Filtering security profile must a user configure the action to preven...; Q287. Which two configuration settings shown are not the default? (Choose two.) (Exhibit)...; Q288. What are two differences between an application group and an application filter? (Choose t...; Q289. An administrator has configured a Security policy where the matching condition includes a ...; Q290. Which information is included in device state other than the local configuration?...; Q291. What is the default action for the SYN Flood option within the DoS Protection profile?...; Q292. Based on the screenshot what is the purpose of the included groups? (Exhibit)...; Q293. Which three Ethernet interface types are configurable on the Palo Alto Networks firewall? ...; Q294. Which Palo Alto network security operating platform component provides consolidated policy...; Q295. Based on the Security policy rules shown, SSH will be allowed on which port? (Exhibit)...; Q296. Which statement is true about Panorama managed devices?...; Q297. Based on the show security policy rule would match all FTP traffic from the inside zone to...; Q298. Order the steps needed to create a new security zone with a Palo Alto Networks firewall. (...; Q299. Where does a user assign a tag group to a policy rule in the policy creation window?...; Q300. Which two DNS policy actions in the anti-spyware security profile can prevent hacking atta...; Q301. Which path in PAN-OS 11.x would you follow to see how new and modified App-IDs impact a Se...; Q302. Given the topology, which zone type should zone A and zone B to be configured with? (Exhib...; Q303. Based on the graphic, what is the purpose of the SSL/TLS Service profile configuration opt...

Join the discussion

Question 1/303

Add Comments

Download PDF File