Palo Alto Networks PCNSA Quiz 3 Topic 7 Questions 11-15

Question: 1

All users from the internal zone must be allowed only Telnet access to a server in the DMZ zone. Complete the two empty fields in the Security Policy rules that permits only this type of access.

q1_PCNSA

Choose two.

AService = 'any'

BApplication = 'Telnet'

CService - 'application-default'

DApplication = 'any'

Show Answer

Question: 2

Which statements is true regarding a Heatmap report?

AWhen guided by authorized sales engineer, it helps determine te areas of greatest security risk.

BIt provides a percentage of adoption for each assessment area.

CIt runs only on firewall.

DIt provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture.

Show Answer

Question: 3

Which statements is true regarding a Heatmap report?

AWhen guided by authorized sales engineer, it helps determine te areas of greatest security risk.

BIt provides a percentage of adoption for each assessment area.

CIt runs only on firewall.

DIt provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture.

Show Answer

Question: 4

In a security policy what I the quickest way to rest all policy rule hit counters to zero?

AUse the CLI enter the command reset rules all

BHighlight each rule and use the Reset Rule Hit Counter > Selected Rules.

Cuse the Reset Rule Hit Counter > All Rules option.

DReboot the firewall.

Show Answer

Question: 5

Exhibit:

q5_PCNSA

Given the topology, which zone type should interface E1/1 be configured with?

ATap

BTunnel

CVirtual Wire

DLayer3

Show Answer

Palo Alto Networks PCNSA Quiz:3 Topic:7 Questions:11-15