PCNSA V4

Which administrator type provides more granular options to determine what the administrator can view and modify when creating an administrator account?A . Root B. Dynamic C. Role-based D. SuperuserView AnswerAnswer: C Explanation: Role Based profile roles: These are custom roles you can configure for more granular access control over the...

Which statement is true about Panorama managed devices?A . Panorama automatically removes local configuration locks after a commit from Panorama. B. Local configuration locks prohibit Security policy changes for a Panorama managed device. C. Security policy rules configured on local firewalls always take precedence. D. Local configuration locks can be...

What is a prerequisite before enabling an administrative account which relies on a local firewall user database?A . Configure an authentication policy B. Configure an authentication sequence C. Configure an authentication profile D. Isolate the management interface on a dedicated management VLANView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/firewall-administration/manage-firewall-administrators/configure-administrative-accounts-and-authentication/configure-a-firewall-administrator-account

Which feature would be useful for preventing traffic from hosting providers that place few restrictions on content, whose services are frequently used by attackers to distribute illegal or unethical material?A . Palo Alto Networks Bulletproof IP Addresses B. Palo Alto Networks C&C IP Addresses C. Palo Alto Networks Known Malicious...

Which two statements are correct about App-ID content updates? (Choose two.)A . Updated application content may change how security policy rules are enforced B. After an application content update, new applications must be manually classified prior to use C. Existing security policy rules are not affected by application content updates...

A network administrator created an intrazone Security policy rule on the firewall. The source zones were set to IT. Finance, and HR. Which two types of traffic will the rule apply to? (Choose two)A . traffic between zone IT and zone Finance B. traffic between zone Finance and zone HR...

An administrator would like to silently drop traffic from the internet to a ftp server. Which Security policy action should the administrator select?A . Reset-server B. Deny C. Drop D. BlockView AnswerAnswer: C Explanation: Drop silently drops the packet, while deny gives an update.

Given the screenshot, what two types of route is the administrator configuring? (Choose two.) A . BGP B. static route C. default route D. OSPFView AnswerAnswer: BC

An administrator is troubleshooting an issue with Office365 and expects that this traffic traverses the firewall. When reviewing Traffic Log entries, there are no logs matching traffic from the test workstation. What might cause this issue? A. Office365 traffic is logged in the System Log. B. Office365 traffic is logged...

According to the best practices for mission critical devices, what is the recommended interval for antivirus updates?A . by minute B. hourly C. daily D. weeklyView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/threat-prevention/best-practices-for-content-and-threat-content-updates/best-practices-mission-critical.html