Palo Alto Networks PCNSA Quiz 3 Topic 7 Questions 11-15

Question: 1

All users from the internal zone must be allowed only Telnet access to a server in the DMZ zone. Complete the two empty fields in the Security Policy rules that permits only this type of access.

q1_PCNSA

Choose two.

AService = 'any'

BApplication = 'Telnet'

CService - 'application-default'

DApplication = 'any'

Show Answer

Question: 2

Which statements is true regarding a Heatmap report?

AWhen guided by authorized sales engineer, it helps determine te areas of greatest security risk.

BIt provides a percentage of adoption for each assessment area.

CIt runs only on firewall.

DIt provides a set of questionnaires that help uncover security risk prevention gaps across all areas of network and security architecture.

Show Answer

Question: 3

Given the cyber-attack lifecycle diagram identify the stage in which the attacker can run malicious code against a vulnerability in a targeted machine.

q3_PCNSA

AExploitation

BInstallation

CReconnaissance

DAct on the Objective

Show Answer

Question: 4

Complete the statement. A security profile can block or allow traffic.

Aon unknown-tcp or unknown-udp traffic

Bafter it is evaluated by a security policy that allows traffic

Cbefore it is evaluated by a security policy

Dafter it is evaluated by a security policy that allows or blocks traffic

Show Answer

Question: 5

Which option shows the attributes that are selectable when setting up application filters?

ACategory, Subcategory, Technology, and Characteristic

BCategory, Subcategory, Technology, Risk, and Characteristic

CName, Category, Technology, Risk, and Characteristic

DCategory, Subcategory, Risk, Standard Ports, and Technology

Show Answer

Palo Alto Networks PCNSA Quiz:3 Topic:7 Questions:11-15