Professional Documents
Culture Documents
94 %
Assessment Passed
Congratulations! You answered enough questions correctly to receive a
passing grade.
Close
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 1/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Response Details
Print
Section Results
Section 1 Points: 47/50
Your Responses
Question 1 of 50 +1
application dependency
Question 2 of 50 +1
10
20
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 2/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 3 of 50 +1
hourly
weekly
daily
monthly
Question 4 of 50 +1
Tap interfaces
Layer 2 interfaces
Layer 3 interfaces
other subnets
Question 5 of 50 +0 / 1
running
candidate
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 3/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
named
saved
Question 6 of 50 +1
Layer3
Layer2
Virtual Wire
Ethernet
Question 7 of 50 +1
creates a tentative configuration snapshot that does not overwrite the default
snapshot (.snapshot.xml)
creates a candidate configuration snapshot that does not overwrite the default
snapshot (.snapshot.xml)
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 4/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
deletes a candidate configuration snapshot that does not overwrite the default
snapshot (.snapshot.xml)
creates a candidate configuration snapshot that does not overwrite the default
snapshot (.saved.xml)
Question 8 of 50 +1
App-ID always requires an explicit Security policy rule for parent applications.
Some App-IDs implicitly allow required application without the need to explicitly
add the parent to the Security policy.
If an App-ID has a web-browsing dependency, you will not need to add web-
browsing to other Security polices to use web-browsing
Question 9 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 5/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 10 of 50 +1
Windows-based client
Traps agent
Question 11 of 50 +1
Continue
Approved
Deny
Allow
Question 12 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 6/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Default
Standard
Secure
Strict
Question 13 of 50 +1
Antivirus
URL Filtering
Spyware Filtering
File Filtering
Question 14 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 7/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Translation Type
Address Type
Interface
IP Address
Question 15 of 50 +1
Superuser
Dynamic User
Device User
Device Administrator
Question 16 of 50 +1
Deny Google
allowed-security services
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 8/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
intrazone-default
interzone-default
Question 17 of 50 +1
signature matching
reporting
network processing
Question 18 of 50 +1
Question 19 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 9/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
run-config.xml
running-configuration.xml
running-config.xml
run-configuration.xml
Question 20 of 50 +1
Antivirus
Threat Prevention
URL Filtering
WildFire
Question 21 of 50 +1
Highlight each rule and use the Reset Rule Hit Counter > Selected Rules
Use the Reset Rule Hit Counter > All Rules option
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 10/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 22 of 50 +1
intrazone
interzone
universal
global
Question 23 of 50 +1
Question 24 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 11/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 25 of 50 +1
Security Matching
Network Processing
Security Processing
Signature Matching
Question 26 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 12/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Bi-Directional NAT
U-Turn NAT
Source NAT
Question 27 of 50 +1
service
address
Question 28 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 13/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 29 of 50 +1
allow
block
alert
continue
Question 30 of 50 +1
What are two valid tag types for use in a DAG? (Choose
two.) 8825855
static tag
dynamic tag
membership tag
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 14/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
wildcard tag
Question 31 of 50 +1
Sending a reset can facilitate malicious use such as reverse mapping through
port scanning.
Sending a reset allows the TCP session to send data, which may allow malicious
traffic.
Question 32 of 50 +1
IP Netmask
IP Range
FQDN
EDL
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 15/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Tag
Question 33 of 50 +1
Question 34 of 50 +1
weekly
hourly
daily
monthly
Question 35 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 16/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Virtual Wire
Loopback
VLAN
Layer2
Question 36 of 50 +1
Packet Buffering
DoS Protection
Anti-Spyware
Zone Protection
Question 37 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 17/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Antivirus Profile
Anti-Spyware Profile
Question 38 of 50 +1
Name
Service
Apps Allowed
Apps Seen
Question 39 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 18/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
intrazone
interzone
global
universal
Question 40 of 50 +1
application prioritization
Question 41 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 19/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Create a URL Filtering Profile and block the DNS sinkhole URL category.
Create a Data Filtering Profiles and enable its DNS sinkhole feature.
Question 42 of 50 +1
facebook-base
web-browsing
facebook-chat
Question 43 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 20/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
FQDN
IP netmask
IP range
Named address
Question 44 of 50 +1
Question 45 of 50 +1
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 21/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 46 of 50 +0 / 1
DNS
NTP
SSH
HTTP
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 22/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 47 of 50 +1
default route
OSPF
BGP
static route
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 23/25
10/8/23, 5:19 PM Palo Alto Networks Certified Network Security Administrator (PCNSA): Exam Practice Questions
Question 48 of 50 +0 / 1
The correct answer was "From a Security policy rule, click Hit Count >
Reset., Clone the rule and delete the previous rule.".
Question 49 of 50 +1
Updated application content might change how Security policy rules are
enforced.
Existing security policy rules are not affected by application content updates.
Question 50 of 50 +1
8825855
QoS profile
https://beacon.paloaltonetworks.com/assessment_responses/report/19119569#assessment-response-details 25/25