The latest Palo Alto Networks Certified Network Security Administrator (PCNSA) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Palo Alto Networks Certified Network Security Administrator (PCNSA) exam and earn Palo Alto Networks Certified Network Security Administrator (PCNSA) certification.
Exam Question 71
Based on the security policy rules shown, ssh will be allowed on which port?
A. 80
B. 53
C. 22
D. 23
Correct Answer:
C. 22
Exam Question 72
An administrator notices that protection is needed for traffic within the network due to malicious lateral movement activity. Based on the image shown, which traffic would the administrator need to monitor and block to mitigate the malicious activity?
A. branch office traffic
B. north-south traffic
C. perimeter traffic
D. east-west traffic
Correct Answer:
D. east-west traffic
Exam Question 73
To use Active Directory to authenticate administrators, which server profile is required in the authentication profile?
A. domain controller
B. TACACS+
C. LDAP
D. RADIUS
Correct Answer:
C. LDAP
Exam Question 74
Which interface type is used to monitor traffic and cannot be used to perform traffic shaping?
A. Layer 2
B. Tap
C. Layer 3
D. Virtual Wire
Correct Answer:
B. Tap
Exam Question 75
Which administrator type utilizes predefined roles for a local administrator account?
A. Superuser
B. Role-based
C. Dynamic
D. Device administrator
Correct Answer:
C. Dynamic
Exam Question 76
Which two security profile types can be attached to a security policy? (Choose two.)
A. antivirus
B. DDoS protection
C. threat
D. vulnerability
Correct Answer:
A. antivirus
D. vulnerability
Exam Question 77
Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?
A. Active Directory monitoring
B. Windows session monitoring
C. Windows client probing
D. domain controller monitoring
Correct Answer:
A. Active Directory monitoring
Exam Question 78
Which three statements describe the operation of Security policy rules and Security Profiles? (Choose three.)
A. Security policy rules are attached to Security Profiles.
B. Security Profiles are attached to Security policy rules.
C. Security Profiles should be used only on allowed traffic.
D. Security policy rules inspect but do not block traffic.
E. Security policy rules can block or allow traffic.
Correct Answer:
A. Security policy rules are attached to Security Profiles.
B. Security Profiles are attached to Security policy rules.
C. Security Profiles should be used only on allowed traffic.
Exam Question 79
Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can run malicious code against a targeted machine.
A. Exploitation
B. Installation
C. Reconnaissance
D. Act on Objective
Correct Answer:
A. Exploitation
Exam Question 80
In the example security policy shown, which two websites would be blocked? (Choose two.)
A. LinkedIn
B. Facebook
C. YouTube
D. Amazon
Correct Answer:
A. LinkedIn
B. Facebook