PCNSA EXAM QUESTIONS AND ANSWERS LATEST
UPDATE (ALREADY GRADED A+)
The CFO found a USB drive in the parking lot and decided to plug it into their corporate laptop. The
USB drive had malware on it that loaded onto their computer and then contacted a known command
and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the
laptop.Which security profile feature could have been used to prevent the communication with the
CnC server?
Create an anti-spyware profile and enable DNS Sinkhole
Which user mapping method could be used to discover user IDs in an environment with multiple
Windows domain controllers?
Active Directory monitoring
What are three differences between security policies and security profiles?
Security profiles are attached to security policies
Security profiles should only be used on allowed traffic
Security policies can block or allow traffic
Given the image, which two options are true about the Security policy rules.
The Allow Office Programs rule is using an Application Group
In the Allow Social Networking rule, allows all of Facebooks functions
Which type of security rule will match traffic between the Inside zone and Outside zone, within the
Inside zone, and within the Outside zone?
Universal
Which Palo Alto Networks firewall security platform provides network security for mobile endpoints
by inspecting traffic deployed as internet gateways?
GlobalProtect
Which two statements are correct regarding multiple static default routes?
Path monitoring determines if route is useable
Route with lowest metric is actively used
Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate
malicious code against a targeted machine.
Exploitation
Which file is used to save the running configuration with a Palo Alto Networks firewall?
running-config.xml
UPDATE (ALREADY GRADED A+)
The CFO found a USB drive in the parking lot and decided to plug it into their corporate laptop. The
USB drive had malware on it that loaded onto their computer and then contacted a known command
and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the
laptop.Which security profile feature could have been used to prevent the communication with the
CnC server?
Create an anti-spyware profile and enable DNS Sinkhole
Which user mapping method could be used to discover user IDs in an environment with multiple
Windows domain controllers?
Active Directory monitoring
What are three differences between security policies and security profiles?
Security profiles are attached to security policies
Security profiles should only be used on allowed traffic
Security policies can block or allow traffic
Given the image, which two options are true about the Security policy rules.
The Allow Office Programs rule is using an Application Group
In the Allow Social Networking rule, allows all of Facebooks functions
Which type of security rule will match traffic between the Inside zone and Outside zone, within the
Inside zone, and within the Outside zone?
Universal
Which Palo Alto Networks firewall security platform provides network security for mobile endpoints
by inspecting traffic deployed as internet gateways?
GlobalProtect
Which two statements are correct regarding multiple static default routes?
Path monitoring determines if route is useable
Route with lowest metric is actively used
Given the Cyber-Attack Lifecycle diagram, identify the stage in which the attacker can initiate
malicious code against a targeted machine.
Exploitation
Which file is used to save the running configuration with a Palo Alto Networks firewall?
running-config.xml
