Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

PCNSA Exam Dumps - Palo Alto Networks Certified Network Security Administrator (PAN-OS 10.0)

Go to page:
Question # 57

Review the Screenshot:

Given the network diagram, traffic must be permitted for SSH and MYSQL from the DMZ to the SERVER zones, crossing two firewalls. In addition, traffic should be permitted from the

SERVER zone to the DMZ on SSH only.

Which rule group enables the required traffic?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 58

How is the hit count reset on a rule?

A.

select a security policy rule, right click Hit Count > Reset

B.

with a dataplane reboot

C.

Device > Setup > Logging and Reporting Settings > Reset Hit Count

D.

in the CLI, type command reset hitcount

Full Access
Question # 59

An administrator wants to enable access to www.paloaltonetworks.com while denying access to all other sites in the same category.

Which object should the administrator create to use as a match condition for the security policy rule that allows access to www.paloaltonetworks.com?

A.

Application group

B.

Address ab

C.

URL category

D.

Service

Full Access
Question # 60

Which path is used to save and load a configuration with a Palo Alto Networks firewall?

A.

Device>Setup>Services

B.

Device>Setup>Management

C.

Device>Setup>Operations

D.

Device>Setup>Interfaces

Full Access
Question # 61

The Palo Alto Networks NGFW was configured with a single virtual router named VR-1 What changes are required on VR-1 to route traffic between two interfaces on the NGFW?

A.

Add zones attached to interfaces to the virtual router

B.

Add interfaces to the virtual router

C.

Enable the redistribution profile to redistribute connected routes

D.

Add a static routes to route between the two interfaces

Full Access
Question # 62

URL categories can be used as match criteria on which two policy types? (Choose two.)

A.

authentication

B.

decryption

C application override

C.

NAT

Full Access
Question # 63

A website is unexpectedly allowed due to miscategorization.

What are two way-s to resolve this issue for a proper response? (Choose two.)

A.

Identify the URL category being assigned to the website.

Edit the active URL Filtering profile and update that category's site access settings to block.

B.

Create a URL category and assign the affected URL.

Update the active URL Filtering profile site access setting for the custom URL category to block.

C.

Review the categorization of the website on https://urlfiltering.paloaltonetworks.com.

Submit for "request change*, identifying the appropriate categorization, and wait for confirmation before testing again.

D.

Create a URL category and assign the affected URL.

Add a Security policy with a URL category qualifier of the custom URL category below the original policy. Set the policy action to Deny.

Full Access
Question # 64

Within a WildFire Analysis Profile, what match criteria can be defined to forward samples for analysis?

A.

Application Category

B.

Source

C.

File Size

D.

Direction

Full Access
Go to page: