PCNSA

How many zones can an interface be assigned with a Palo Alto Networks firewall?A . twoB . threeC . fourD . oneView AnswerAnswer: D Explanation: Reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interface-help/network/network­zones/security-zone-overview

Actions can be set for which two items in a URL filtering security profile? (Choose two.)A . Block ListB . Custom URL CategoriesC . PAN-DB URL CategoriesD . Allow ListView AnswerAnswer: AD

Which data-plane processor layer of the graphic shown provides uniform matching for spyware and vulnerability exploits on a Palo Alto Networks Firewall? A . Signature MatchingB . Network ProcessingC . Security ProcessingD . Security MatchingView AnswerAnswer: A

Which option shows the attributes that are selectable when setting up application filters?A . Category, Subcategory, Technology, and CharacteristicB . Category, Subcategory, Technology, Risk, and CharacteristicC . Name, Category, Technology, Risk, and CharacteristicD . Category, Subcategory, Risk, Standard Ports, and TechnologyView AnswerAnswer: B Explanation: Reference: https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-web-interface-help/objects/objects­application-filters

DRAG DROP Match the Cyber-Attack Lifecycle stage to its correct description. View AnswerAnswer:

Complete the statement. A security profile can block or allow traffic.A . on unknown-tcp or unknown-udp trafficB . after it is evaluated by a security policy that allows trafficC . before it is evaluated by a security policyD . after it is evaluated by a security policy that allows or...

Which two statements are correct about App-ID content updates? (Choose two.)A . Updated application content may change how security policy rules are enforcedB . After an application content update, new applications must be manually classified prior to useC . Existing security policy rules are not affected by application content updatesD...