PCNSA EXAM QUESTIONS AND ANSWERS LATEST
UPDATE (ALREADY GRADED A+)
Recently changes were made to the firewall to optimize the policies and the security team wants to see
if those changes are helping. What is the quickest way to reset the hit counter to zero in all the security
policy rules?
A. At the CLI enter the command reset rules and press Enter
B. Highlight a rule and use the Reset Rule Hit Counter > Selected Rules for each rule
C. Reboot the firewall
D. Use the Reset Rule Hit Counter>All Rules option
D. Use the Reset Rule Hit Counter > All Rules option
Which Two App-ID applications will you need to allow in your Security policy to use facebook-chat?
A. facebook
B. facebook-chat
C. facebook-base
D. facebook-email
B. facebook-chat
C. facebook-base
Which User-ID agent would be appropriate in a network with multiple WAN links, limited network
bandwidth, and limited firewall management plane resources?
A. Windows-based agents deployed on the internal network
B. PAN-OS integrated agent deployed on the internal network
C. Citrix terminal server deployed on the internal network
D. Windows-based agent deployed on each of the WAN Links
A. Windows-based agent deployed on the internal network
Your company requires positive username attribution of every IP address used by the wireless devices to
support a new compliance requirement. You must collect IP to user mapping as soon as possible with
the minimal configuration changes to the wireless devices themselves. the wireless devices are from
various manufactures. Given the scenario, choose the option for sending IP-to user mapping to the
NGFW.
A. syslog
B. RADIUS
C. UID redistribution
D. XFF headers
A. syslog
An administrator receives a global notification for a new malware that infects hosts. The infection will
result in the infected host attempting to contact a command- and-control (C2) server. Which two
UPDATE (ALREADY GRADED A+)
Recently changes were made to the firewall to optimize the policies and the security team wants to see
if those changes are helping. What is the quickest way to reset the hit counter to zero in all the security
policy rules?
A. At the CLI enter the command reset rules and press Enter
B. Highlight a rule and use the Reset Rule Hit Counter > Selected Rules for each rule
C. Reboot the firewall
D. Use the Reset Rule Hit Counter>All Rules option
D. Use the Reset Rule Hit Counter > All Rules option
Which Two App-ID applications will you need to allow in your Security policy to use facebook-chat?
A. facebook
B. facebook-chat
C. facebook-base
D. facebook-email
B. facebook-chat
C. facebook-base
Which User-ID agent would be appropriate in a network with multiple WAN links, limited network
bandwidth, and limited firewall management plane resources?
A. Windows-based agents deployed on the internal network
B. PAN-OS integrated agent deployed on the internal network
C. Citrix terminal server deployed on the internal network
D. Windows-based agent deployed on each of the WAN Links
A. Windows-based agent deployed on the internal network
Your company requires positive username attribution of every IP address used by the wireless devices to
support a new compliance requirement. You must collect IP to user mapping as soon as possible with
the minimal configuration changes to the wireless devices themselves. the wireless devices are from
various manufactures. Given the scenario, choose the option for sending IP-to user mapping to the
NGFW.
A. syslog
B. RADIUS
C. UID redistribution
D. XFF headers
A. syslog
An administrator receives a global notification for a new malware that infects hosts. The infection will
result in the infected host attempting to contact a command- and-control (C2) server. Which two
