PCNSA無料問題集「Palo Alto Networks Certified Network Security Administrator」

質問 1

What are three ways application characteristics are used? (Choose three.)

（A）As a setting to define a new custom application

（B）As an attribute to define an application group

（C）As an Object to define Security policies

（D）As an attribute to define an application filter

（E）As a global filter in the Application Command Center (ACC)

正解：A、B、D 解答を投票する

質問 2

Where in Panorama Would Zone Protection profiles be configured?

（A）Panorama tab

（B）Templates

（C）Shared

（D）Device Groups

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Which firewall plane provides configuration, logging, and reporting functions on a separate processor?

（A）security processing

（B）control

（C）data

（D）network processing

正解：B 解答を投票する

質問 4

Which User-ID mapping method should be used for an environment with clients that do not authenticate to Windows Active Directory?

（A）Windows session monitoring via a domain controller

（B）Captive Portal

（C）passive server monitoring using the Windows-based agent

（D）passive server monitoring using a PAN-OS integrated User-ID agent

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Identify the correct order to configure the PAN-OS integrated USER-ID agent.
3. add the service account to monitor the server(s)
2. define the address of the servers to be monitored on the firewall
4. commit the configuration, and verify agent connection status
1. create a service account on the Domain Controller with sufficient permissions to execute the User- ID agent

（A）2-3-4-1

（B）1-4-3-2

（C）1-3-2-4

（D）3-1-2-4

正解：C 解答を投票する

質問 6

In which two Security Profiles can an action equal to the block IP feature be configured? (Choose two.)

（A）Antivirus

（B）URL Filtering

（C）Vulnerability Protection

（D）Anti-spyware

正解：C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which objects would be useful for combining several services that are often defined together?

（A）application filters

（B）application groups

（C）shared service objects

（D）service groups

正解：D 解答を投票する

質問 8

What is a prerequisite before enabling an administrative account which relies on a local firewall user database?

（A）Configure an authentication policy

（B）Isolate the management interface on a dedicated management VLAN

（C）Configure an authentication sequence

（D）Configure an authentication profile

正解：D 解答を投票する

質問 9

Which path in PAN-OS 11.x would you follow to see how new and modified App-IDs impact a Security policy?

（A）Objects > Dynamic Updates > Review Policies

（B）Objects > Dynamic Updates > Review App-IDs

（C）Device > Dynamic Updates > Review App-IDs

（D）Device > Dynamic Updates > Review Policies

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

An administrator would like to protect against inbound threats such as buffer overflows and illegal code execution.
Which Security profile should be used?

（A）Antivirus

（B）URL filtering

（C）Anti-spyware

（D）Vulnerability protection

正解：C 解答を投票する

質問 11

View the diagram.

What is the most restrictive yet fully functional rule to allow general Internet and SSH traffic into both the DMZ and Untrust/lnternet zones from each of the lOT/Guest and Trust Zones?

（A）

（B）

（C）

（D）

正解：C 解答を投票する

質問 12

Which three Ethernet interface types are configurable on the Palo Alto Networks firewall? (Choose three.)

（A）Tap

（B）Dynamic

（C）Static

（D）Virtual Wire

（E）Layer 3

正解：A、D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which the app-ID application will you need to allow in your security policy to use facebook-chat?

（A）facebook

（B）facebook-email

（C）facebook-chat

（D）facebook-base

正解：C、D 解答を投票する

質問 14

Which tab would an administrator click to create an address object?

（A）Monitor

（B）Device

（C）Policies

（D）Objects

正解：D 解答を投票する

質問 15

What are three Palo Alto Networks best practices when implementing the DNS Security Service? (Choose three.)

（A）Plan for mobile-employee risk

（B）Implement a threat intel program.

（C）Train your staff to be security aware.

（D）Configure a URL Filtering profile.

（E）Rely on a DNS resolver.

正解：B、D、E 解答を投票する

質問 16

How many zones can an interface be assigned with a Palo Alto Networks firewall?

（A）four

（B）three

（C）two

（D）one

正解：D 解答を投票する

質問 17

An administrator is trying to enforce policy on some (but not all) of the entries in an external dynamic list.
What is the maximum number of entries that they can be exclude?

（A）1,000

（B）50

（C）200

（D）100

正解：D 解答を投票する

質問 18

An administrator wants to prevent users from submitting corporate credentials in a phishing attack.
Which Security profile should be applied?

（A）vulnerability protection

（B）URL filtering

（C）anti-spyware

（D）antivirus

正解：C 解答を投票する

質問 19

What are three valid ways to map an IP address to a username? (Choose three.)

（A）a user connecting into a GlobalProtect gateway using a GlobalProtect Agent

（B）usernames inserted inside HTTP Headers

（C）using the XML API

（D）WildFire verdict reports

（E）DHCP Relay logs

正解：A、B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 20

What is an advantage for using application tags?

（A）They help content updates automate policy updates

（B）They help with the creation of interfaces

（C）They help with the design of IP address allocations in DHCP.

（D）They are helpful during the creation of new zones

正解：A 解答を投票する

PCNSA 無料問題集「Palo Alto Networks Certified Network Security Administrator」

弊社を連絡する

関連リンク

トップ試験