Question No. 1

Which Palo Alto networks security operating platform service protects cloud-based application such as Dropbox and salesforce by monitoring permissions and shared and scanning files for Sensitive information?

APrisma SaaS

BAutoFocus

CPanorama

DGlobalProtect

Show Answer

Correct Answer: A

Question No. 2

Based on the security policy rules shown, ssh will be allowed on which port?

A80

B53

C22

D23

Show Answer

Correct Answer: C

Question No. 3

Which three types of entries can be excluded from an external dynamic list (EDL)? (Choose three.)

AIP addresses

BDomains

CUser-ID

DURLs

EApplications

Show Answer

Correct Answer: A, B, D

Three types of entries that can be excluded from an external dynamic list (EDL) are IP addresses, domains, and URLs. An EDL is a text file that is hosted on an external web server and contains a list of objects, such as IP addresses, URLs, domains, International Mobile Equipment Identities (IMEIs), or International Mobile Subscriber Identities (IMSIs) that the firewall can import and use in policy rules. You can exclude entries from an EDL to prevent the firewall from enforcing policy on those entries.For example, you can exclude benign domains that applications use for background traffic from Authentication policy1. To exclude entries from an EDL, you need to:

Select the EDL on the firewall and clickManual Exceptions.

Add the entries that you want to exclude in theManual Exceptionslist. The entries must match the type and format of the EDL. For example, if the EDL contains IP addresses, you can only exclude IP addresses.

ClickOKto save the changes. The firewall will not enforce policy on the excluded entries.

Question No. 4

What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

AAn implicit dependency does not require the dependent application to be added in the security policy

BAn implicit dependency requires the dependent application to be added in the security policy

CAn explicit dependency does not require the dependent application to be added in the security policy

DAn explicit dependency requires the dependent application to be added in the security policy

Show Answer

Correct Answer: A, D

Question No. 5

Which operations are allowed when working with App-ID application tags?

APredefined tags may be deleted.

BPredefined tags may be augmented by custom tags.

CPredefined tags may be modified.

DPredefined tags may be updated by WildFire dynamic updates.

Show Answer

Correct Answer: B

Free Palo Alto Networks PCNSA Exam Actual Questions

The questions for PCNSA were last updated On Nov 6, 2024