PCNSA EXAM: LATEST A+ QUESTIONS AND ANSWERS
FOR THE WIN!
Zone Protection Profiles
Profiles that protect against five types of floods: SYN (TCP), UDP, ICMP, ICMPv6, and Other IP.
Log at Session Start
A log setting that records the beginning of a session.
Log at Session End
A log setting that records the conclusion of a session.
EDL in URL Filtering Profile
External Dynamic Lists used to block access to specific URLs.
Custom URL category in URL Filtering Profile
User-defined categories for managing URL access in filtering profiles.
Custom URL category in Security policy rule
User-defined categories applied within security policy rules for URL access.
PAN-DB URL category
Pre-defined categories used in URL Filtering Profiles to manage access to URLs.
Best practices for normal traffic logging
Log at Session Start disabled, Log at Session End enabled.
Exception to an external dynamic list
Methods to exclude specific entries from being blocked by an external dynamic list.
First Match Wins
A principle where the first matching rule in a list is applied, determining access.
Flood Attack Protection
Protection mechanisms against various types of flood attacks.
Dynamic administrative role
A role that adjusts permissions based on changing conditions or contexts.
Multi-Factor Authentication
A security measure requiring multiple forms of verification for access.
SAML
, Security Assertion Markup Language, used for exchanging authentication and authorization data.
DoS Protection profile
A profile that helps in configuring settings to protect against Denial of Service attacks.
QoS profile
Quality of Service profile used to manage bandwidth and prioritize traffic.
Cached URLs
URLs learned from External Dynamic Lists that are stored for quick access.
Pre-Defined Categories
Categories established by external services like PAN-DB or Brightcloud for URL filtering.
Disable Override
A setting that, when cleared, allows the configuration to be overridden by shared settings.
Manual Exceptions list
A list where manual entries can be added.
External dynamic list
A list that can be edited by adding the '-' symbol before entries to exclude them.
Control plane
The firewall plane that provides configuration, logging, and reporting functions on a separate processor.
App-ID updates
An action that allows a security administrator to view the existing security policy rule that matches new
application signatures.
URL profiling action
An action that does not generate a log entry when a user attempts to access a URL.
Allow action
Traffic destined for that URL category is allowed; allowed traffic is not logged.
Configuration path
Device>Setup>Operations is used to save and load a configuration with a Palo Alto Networks firewall.
Intrazone-default policy
The two default behaviors are to allow traffic and have logging disabled.
Authentication Sequence
FOR THE WIN!
Zone Protection Profiles
Profiles that protect against five types of floods: SYN (TCP), UDP, ICMP, ICMPv6, and Other IP.
Log at Session Start
A log setting that records the beginning of a session.
Log at Session End
A log setting that records the conclusion of a session.
EDL in URL Filtering Profile
External Dynamic Lists used to block access to specific URLs.
Custom URL category in URL Filtering Profile
User-defined categories for managing URL access in filtering profiles.
Custom URL category in Security policy rule
User-defined categories applied within security policy rules for URL access.
PAN-DB URL category
Pre-defined categories used in URL Filtering Profiles to manage access to URLs.
Best practices for normal traffic logging
Log at Session Start disabled, Log at Session End enabled.
Exception to an external dynamic list
Methods to exclude specific entries from being blocked by an external dynamic list.
First Match Wins
A principle where the first matching rule in a list is applied, determining access.
Flood Attack Protection
Protection mechanisms against various types of flood attacks.
Dynamic administrative role
A role that adjusts permissions based on changing conditions or contexts.
Multi-Factor Authentication
A security measure requiring multiple forms of verification for access.
SAML
, Security Assertion Markup Language, used for exchanging authentication and authorization data.
DoS Protection profile
A profile that helps in configuring settings to protect against Denial of Service attacks.
QoS profile
Quality of Service profile used to manage bandwidth and prioritize traffic.
Cached URLs
URLs learned from External Dynamic Lists that are stored for quick access.
Pre-Defined Categories
Categories established by external services like PAN-DB or Brightcloud for URL filtering.
Disable Override
A setting that, when cleared, allows the configuration to be overridden by shared settings.
Manual Exceptions list
A list where manual entries can be added.
External dynamic list
A list that can be edited by adding the '-' symbol before entries to exclude them.
Control plane
The firewall plane that provides configuration, logging, and reporting functions on a separate processor.
App-ID updates
An action that allows a security administrator to view the existing security policy rule that matches new
application signatures.
URL profiling action
An action that does not generate a log entry when a user attempts to access a URL.
Allow action
Traffic destined for that URL category is allowed; allowed traffic is not logged.
Configuration path
Device>Setup>Operations is used to save and load a configuration with a Palo Alto Networks firewall.
Intrazone-default policy
The two default behaviors are to allow traffic and have logging disabled.
Authentication Sequence
