PCNSA無料問題集「Palo Alto Networks Certified Network Security Administrator」

質問 1

Which two App-ID applications will need to be allowed to use Facebook-chat? (Choose two.)

（A）facebook

（B）facebook-email

（C）facebook-chat

（D）facebook-base

正解：C、D 解答を投票する

質問 2

Which license is required to use the Palo Alto Networks built-in IP address EDLs?

（A）SD-Wan

（B）Threat Prevention

（C）WildFire

（D）DNS Security

正解：B 解答を投票する

質問 3

Which information is included in device state other than the local configuration?

（A）audit logs to provide information of administrative account changes

（B）device group and template settings pushed from Panorama

（C）system logs to provide information of PAN-OS changes

（D）uncommitted changes

正解：B 解答を投票する

質問 4

Refer to the exhibit. An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)

（A）Untrust (Any) to Untrust (10.1.1.1), ssh -Allow

（B）Untrust (Any) to DMZ (1.1.1.100), web-browsing - Allow

（C）Untrust (Any)to DMZ (10.1.1.100. 10.1.1.101), ssh, web-browsing-Allow

（D）Untrust (Any) to Untrust (10.1.1.1), web-browsing -Allow

（E）Untrust (Any) to DMZ (1.1.1.100), ssh - Allow

正解：B、E 解答を投票する

質問 5

Identify the correct order to configure the PAN-OS integrated USER-ID agent.
3. add the service account to monitor the server(s)
2. define the address of the servers to be monitored on the firewall
4. commit the configuration, and verify agent connection status
1. create a service account on the Domain Controller with sufficient permissions to execute the User- ID agent

（A）2-3-4-1

（B）1-4-3-2

（C）1-3-2-4

（D）3-1-2-4

正解：C 解答を投票する

質問 6

What are two differences between an implicit dependency and an explicit dependency in App-ID? (Choose two.)

（A）An explicit dependency does not require the dependent application to be added in the security policy

（B）An implicit dependency requires the dependent application to be added in the security policy

（C）An explicit dependency requires the dependent application to be added in the security policy

（D）An implicit dependency does not require the dependent application to be added in the security policy

正解：C、D 解答を投票する

質問 7

Which Palo Alto networks security operating platform service protects cloud-based application such as Dropbox and salesforce by monitoring permissions and shared and scanning files for Sensitive information?

（A）AutoFocus

（B）Panorama

（C）Prisma SaaS

（D）GlobalProtect

正解：C 解答を投票する

質問 8

Given the cyber-attack lifecycle diagram identify the stage in which the attacker can run malicious code against a vulnerability in a targeted machine.

（A）Exploitation

（B）Reconnaissance

（C）Act on the Objective

（D）Installation

正解：A 解答を投票する

質問 9

Based on the security policy rules shown, ssh will be allowed on which port?

（A）53

（B）80

（C）23

（D）22

正解：D 解答を投票する

質問 10

Where in the PAN-OS GUI can an administrator monitor the rule usage for a specified period of time?

（A）Monitor > Reports

（B）Objects > Schedules

（C）Policies > Policy Optimizer

（D）Monitor > Packet Capture

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which three statement describe the operation of Security Policy rules or Security Profiles? (Choose three)

（A）Security Profile are attached to security policy rules.

（B）Security policy rules inspect but do not block traffic.

（C）Security Policy rules are attached to Security Profiles.

（D）Security Policy rules can block or allow traffic.

（E）Security Profile should be used only on allowed traffic.

正解：A、D、E 解答を投票する

質問 12

An administrator configured a Security policy rule with an Antivirus Security profile. The administrator did not change the action (or the profile. If a virus gets detected, how wilt the firewall handle the traffic?

（A）It drops the traffic because the profile was not set to explicitly allow the traffic.

（B）It allows the traffic but generates an entry in the Threat logs.

（C）It allows the traffic because the profile was not set to explicitly deny the traffic.

（D）It uses the default action assigned to the virus signature.

正解：A 解答を投票する

質問 13

Based on the screenshot what is the purpose of the group in User labelled ''it"?

（A）Allows "any" users to access servers in the DMZ zone

（B）Allows users in group "it" to access IT applications

（C）Allows users in group "DMZ" lo access IT applications

（D）Allows users to access IT applications on all ports

正解：B 解答を投票する

質問 14

Which path in PAN-OS 10.0 displays the list of port-based security policy rules?

（A）Policies> Security> Rule Usage> No App Specified

（B）Policies> Security> Rule Usage> Port-based Rules

（C）Policies> Security> Rule Usage> Unused Apps

（D）Policies> Security> Rule Usage> Port only specified

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

Which option is part of the content inspection process?

（A）SSL Proxy re-encrypt

（B）Packet egress process

（C）Packet forwarding process

（D）IPsec tunnel encryption

正解：A 解答を投票する

質問 16

What are three characteristics of the Palo Alto Networks DNS Security service? (Choose three.)

（A）It enables users to access real-time protections using advanced predictive analytics.

（B）It requires an active subscription to a third-party DNS Security service.

（C）It requires a valid Threat Prevention license.

（D）It requires a valid URL Filtering license.

（E）It uses techniques such as DGA.DNS tunneling detection and machine learning.

正解：A、C、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

Which path in PAN-OS 10.2 is used to schedule a content update to managed devices using Panorama?

（A）Panorama > Dynamic Updates > Device Deployment > Schedules > Add

（B）Panorama > Device Deployment > Dynamic Updates > Schedules > Add

（C）Panorama > Device Deployment > Content Updates > Schedules > Add

（D）Panorama > Content Updates > Device Deployment > Schedules > Add

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 18

Place the steps in the correct packet-processing order of operations.

正解：

Explanation:
Text, application, table Description automatically generated with medium confidence

質問 19

What are two valid selections within an Antivirus profile? (Choose two.)

（A）drop

（B）block-ip

（C）default

（D）deny

正解：A、C 解答を投票する

質問 20

At which stage of the cyber-attack lifecycle would the attacker attach an infected PDF file to an email?

（A）delivery

（B）installation

（C）explotation

（D）reinsurance

（E）command and control

正解：A 解答を投票する

PCNSA 無料問題集「Palo Alto Networks Certified Network Security Administrator」

弊社を連絡する

関連リンク

トップ試験