Browse Exams Pricing

ExamsPCNSAQuestions

PCNSA Exam Questions

422 real PCNSA exam questions with expert-verified answers and explanations. Page 8 of 9.

Question #364Configure
Which action column is available to edit in the Action tab of an Antivirus security profile?
Antivirus ProfileSecurity ProfilesPAN-OS ConfigurationThreat Prevention
Question #365Operate
Given the detailed log information above, what was the result of the firewall traffic inspection?
Threat LogsSecurity ProfilesAnti-SpywareThreat Prevention
Question #366Securing Traffic
When configuring a security policy, what is a best practice for User-ID?
User-IDSecurity Best PracticesNetwork SecurityWMI
Question #367Securing Traffic
What are three DNS policy actions? (Choose three.)
DNS SecurityPolicy ActionsThreat Prevention
Question #368Device Management and Services
Which System log severity level would be displayed as a result of a user password change?
LoggingSystem LogsLog SeverityUser Administration
Question #369Managing Objects
An administrator would like to block traffic to all high risk audio streaming applications, including new App-IDs introduced with content updates. Which filter should the administr...
Application FilterApp-ID AttributesRisk LevelsPolicy Configuration
Question #370Securing Traffic
An administrator receives a notification about new malware that is being used to attack hosts. The malware exploits a software bug in a common application. Which Security Profile w...
Vulnerability ProtectionThreat PreventionSecurity ProfilesExploit Prevention
Question #371Device Management and Services
The NetSec Manager asked to create a new firewall Local Administrator profile with customized privileges named New_Admin. This new administrator has to authenticate without inserti...
Administrator ProfileClient Certificate AuthenticationPasswordless AccessWebUI
Question #372Securing Traffic
Which Security profile prevents users from submitting valid corporate credentials online?
URL filteringCredential protectionSecurity profilesPhishing prevention
Question #373Securing Traffic
Which two statements apply to an Advanced Threat Prevention subscription? (Choose two.)
Advanced Threat PreventionSubscriptionsThreat DetectionC2 Protection
Question #374Securing Traffic
With the PAN-OS 11.0 release, which tab becomes newly available within the Vulnerability security profile?
PAN-OS 11.0Vulnerability ProfilesSecurity ProfilesInline Cloud Analysis
Question #375Managing Objects
What are the two ways to implement an exception to an external dynamic list? (Choose two.)
External Dynamic ListsEDL ExceptionsObject Management
Question #376Securing Traffic
An administrator needs to create a Security policy rule that matches DNS traffic sourced from either the LAN or VPN zones, destined for the DMZ or Untrust zones. The administrator...
Security PolicyRule TypesZonesInterzone Policy
Question #377Managing Objects
An administrator is reviewing the Security policy rules shown in the screenshot. Why are the two fields in the Security policy EDL-Deny highlighted in red?
Policy TagsSecurity PolicyGUIVisual Indicators
Question #378Managing Objects
What are two differences between an application group and an application filter? (Choose two.)
Application GroupsApplication FiltersApp-IDSecurity Policies
Question #379Policy Evaluation and Management
An administrator reads through the following Applications and Threats Content Release Notes before an update: Which rule would continue to allow the file upload to confluence after...
Security PolicyApp-IDContent UpdatesPolicy Evaluation
Question #381Securing Traffic
Which two events can be found in data-filtering logs? (Choose two.)
Data FilteringFile BlockingDLP (Data Loss Prevention)Security Profiles
Question #382Securing Traffic
Which statement applies to the Intrazone Security policy rule?
Security PolicyIntrazoneSecurity ZonesTraffic Flow
Question #383Policy Evaluation and Management
Review the screenshot below. Which statement is correct about the information it contains?
Security PolicyRulebase ManagementPalo Alto GUIPolicy View Options
Question #384Managing Objects
An administrator wants to enable users to access retail websites that are considered minimum risk. Which two URL categories should be combined in a custom URL category to accomplis...
URL FilteringURL CategoriesCustom URL Categories
Question #385Policy Evaluation and Management
What are three advantages of user-to-group mapping? (Choose three.)
User-to-Group MappingUser-IDSecurity PolicyAdministration
Question #386Device Management and Services
Which situation is recorded as a system log?
System LogsLoggingAuthentication ServerFirewall Operations
Question #387Securing Traffic
Within an Anti-Spyware security profile, which tab is used to enable machine learning based engines?
Anti-Spyware ProfileMachine LearningThreat PreventionSecurity Profiles
Question #388Policy Evaluation and Management
Which two statements correctly describe how pre-rules and local device rules are viewed and modified? (Choose two.)
PanoramaPre-rulesLocal device rulesRule management
Question #389Device Management and Services
The administrator profile "SYS01 Admin" is configured with authentication profile "Authentication Sequence SYS01," and the authentication sequence SYS01 has a profile list with fou...
Authentication sequencesAdmin authenticationAuthentication profilesFallback authentication
Question #390Configure
Which three types of Source NAT are available to users inside a NGFW? (Choose three.)
Source NATNAT typesNGFW configuration
Question #391Securing Traffic
What are the two main reasons a custom application is created? (Choose two.)
Custom ApplicationsApp-IDTraffic IdentificationUnidentified Traffic
Question #392Device Management and Services
By default, what is the maximum number of templates that can be added to a template stack?
TemplatesTemplate StacksPanoramaConfiguration Limits
Question #393Policy Evaluation and Management
What does rule shadowing in Security policies do?
Security PolicyRule ShadowingPolicy Evaluation
Question #394Configure
Which two types of profiles are needed to create an authentication sequence? (Choose two.)
Authentication ProfilesServer ProfilesUser AuthenticationFirewall Configuration
Question #395Configure
Which order of steps is the correct way to create a static route?
Static routesRouting configurationNetwork configurationFirewall configuration
Question #396Device Management and Services
Which two actions are needed for an administrator to get real-time WildFire signatures? (Choose two.)
WildFireSubscriptionsDynamic UpdatesSignatures
Question #397Configure
Which two features implement one-to-one translation of a source IP address while allowing the source port to change? (Choose two.)
Source NATDynamic IP and Port (DIPP)NAT FallbackPort Translation
Question #398Managing Objects
What are three ways application characteristics are used? (Choose three.)
App-IDApplication FiltersCustom ApplicationsACC
Question #399Configure
In which two Security Profiles can an action equal to the block IP feature be configured? (Choose two.)
Security ProfilesBlock IP actionVulnerability Protection ProfileAnti-Spyware Profile
Question #400Securing Traffic
When is an event displayed under threat logs?
Threat LoggingSecurity ProfilesLog Generation
Question #401Managing Objects
In which section of the PAN-OS GUI does an administrator configure URL Filtering profiles?
URL FilteringSecurity ProfilesGUI NavigationObject Management
Question #402Securing Traffic
Which profile should be used to obtain a verdict regarding analyzed files?
WildFireFile AnalysisSecurity ProfilesThreat Prevention
Question #403Managing Objects
In which three places on the PAN-OS interface can the application characteristics be found? (Choose three.)
PAN-OS GUIApplication CharacteristicsInterface NavigationObject Management
Question #404Configure
Where within the firewall GUI can an administrator create a local user database?
GUI NavigationLocal User DatabaseAuthenticationDevice Configuration
Question #405Device Management and Services
How are service routes used in PAN-OS?
Service RoutesManagement PlaneNetwork ConfigurationData Interfaces
Question #406Operate
How can a complete overview of the logs be displayed to an administrator who has permission in the system to view them?
LoggingMonitoringGUI NavigationUnified Logs
Question #407Configure
Which User Credential Detection method should be applied within a URL Filtering Security profile to check for the submission of a valid corporate username and the associated passwo...
URL FilteringCredential DetectionSecurity ProfilesPhishing Prevention
Question #408Configure
Which step is mandatory to create a static route in PAN-OS?
Static RoutingVirtual RouterPAN-OS RoutingNetwork Configuration
Question #409Securing Traffic
Which security profile should be used to classify malicious web content?
URL FilteringSecurity ProfilesWeb Content ClassificationThreat Prevention
Question #410Device Management and Services
A systems administrator momentarily loses track of which is the test environment firewall and which is the production firewall. The administrator makes changes to the candidate con...
Configuration ManagementCandidate ConfigurationRevert ChangesFirewall Administration
Question #411Managing Objects
An administrator is implementing an exception to an external dynamic list by adding an entry to the list manually. The administrator wants to save the changes, but the OK button is...
External Dynamic ListsFirewall ConfigurationObject ManagementException Handling
Question #412Configure
Which three Ethernet interface types are configurable on the Palo Alto Networks firewall? (Choose three.)
Firewall InterfacesEthernet Interface TypesInterface Configuration
Question #413Device Management and Services
A network security manager is asked to save a configuration to be used after a firewall reboot. When the configuration is ready, how should it be saved so that the changes are not...
Configuration ManagementConfiguration SnapshotPersistenceDevice Management
Question #414Operate
Which action should be taken to identify threats that have been detected by using inline cloud analysis?
Threat logsWildFireThreat identificationLogging and monitoring

PreviousPage 8 of 9Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.