PCNSA EXAM QUESTIONS AND ANSWERS LATEST
UPDATE (ALREADY GRADED A+)
TACACS
One of the types of authentication services that can be used to authenticate user traffic flowing through
the firewall's data plane.
TACACS+
One of the types of authentication services that can be used to authenticate user traffic flowing through
the firewall's data plane.
Universal security rule
A rule created for source zones A & B and destination zones A & B that applies to all traffic within zones
A & B.
Dynamic routing protocol
Protocols supported by the NGFW Virtual Router for network connectivity.
RIP
One of the dynamic routing protocols supported by the NGFW Virtual Router.
OSPF
One of the dynamic routing protocols supported by the NGFW Virtual Router.
IS-IS
One of the dynamic routing protocols supported by the NGFW Virtual Router.
EIGRP
One of the dynamic routing protocols supported by the NGFW Virtual Router.
BGP
One of the dynamic routing protocols supported by the NGFW Virtual Router.
SuperApp_base
An application identified by App-ID that will be affected by new app signatures after 30 days.
SuperApp_chat
A new app signature that will be deployed in 30 days and will affect traffic matching SuperApp_base.
SuperApp_download
A new app signature that will be deployed in 30 days and will affect traffic matching SuperApp_base.
, Maximum number of excluded entries
The maximum number of entries that can be excluded from an external dynamic list is 100.
EMEA Regional Panorama Administrator profile
A profile that allows access only to EMEA-Regional device groups and templates with read-only
privileges.
Application Group
A static way of grouping applications that cannot be configured as a nested member of an Application
Group.
Application Filters
Used in firewall policy to group applications.
Application Filter
A dynamic way to group applications and can be configured as a nested member of an Application
Group.
Application Group
A static way of grouping applications and can be configured as a nested member of an Application
Group.
Applications and Threats dynamic update scheduling
Automatically 'download only' and then install Applications and Threats later, after the administrator
approves the update.
Threshold
Determines the amount of time the firewall waits before installing the latest content, with a maximum
of up to a 48 hour threshold in a mission-critical network.
Secure Shell (SSH) Security Policy
The admin creates a custom service object named 'tcp-4422' with port tcp/4422 and a custom service
object named 'tcp-22' with port tcp/22, then creates a Security policy allowing application 'ssh', service
'tcp-4422', and service 'tcp-22'.
DNS Security service configuration
Configured in the Anti-Spyware threat profile object.
Vulnerability Protection
Profiles protect against threats entering the network, such as buffer overflows and illegal code
execution.
Malware detection and blocking
UPDATE (ALREADY GRADED A+)
TACACS
One of the types of authentication services that can be used to authenticate user traffic flowing through
the firewall's data plane.
TACACS+
One of the types of authentication services that can be used to authenticate user traffic flowing through
the firewall's data plane.
Universal security rule
A rule created for source zones A & B and destination zones A & B that applies to all traffic within zones
A & B.
Dynamic routing protocol
Protocols supported by the NGFW Virtual Router for network connectivity.
RIP
One of the dynamic routing protocols supported by the NGFW Virtual Router.
OSPF
One of the dynamic routing protocols supported by the NGFW Virtual Router.
IS-IS
One of the dynamic routing protocols supported by the NGFW Virtual Router.
EIGRP
One of the dynamic routing protocols supported by the NGFW Virtual Router.
BGP
One of the dynamic routing protocols supported by the NGFW Virtual Router.
SuperApp_base
An application identified by App-ID that will be affected by new app signatures after 30 days.
SuperApp_chat
A new app signature that will be deployed in 30 days and will affect traffic matching SuperApp_base.
SuperApp_download
A new app signature that will be deployed in 30 days and will affect traffic matching SuperApp_base.
, Maximum number of excluded entries
The maximum number of entries that can be excluded from an external dynamic list is 100.
EMEA Regional Panorama Administrator profile
A profile that allows access only to EMEA-Regional device groups and templates with read-only
privileges.
Application Group
A static way of grouping applications that cannot be configured as a nested member of an Application
Group.
Application Filters
Used in firewall policy to group applications.
Application Filter
A dynamic way to group applications and can be configured as a nested member of an Application
Group.
Application Group
A static way of grouping applications and can be configured as a nested member of an Application
Group.
Applications and Threats dynamic update scheduling
Automatically 'download only' and then install Applications and Threats later, after the administrator
approves the update.
Threshold
Determines the amount of time the firewall waits before installing the latest content, with a maximum
of up to a 48 hour threshold in a mission-critical network.
Secure Shell (SSH) Security Policy
The admin creates a custom service object named 'tcp-4422' with port tcp/4422 and a custom service
object named 'tcp-22' with port tcp/22, then creates a Security policy allowing application 'ssh', service
'tcp-4422', and service 'tcp-22'.
DNS Security service configuration
Configured in the Anti-Spyware threat profile object.
Vulnerability Protection
Profiles protect against threats entering the network, such as buffer overflows and illegal code
execution.
Malware detection and blocking
