Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Palo Alto Networks
  3. PCNSA

Palo Alto Networks PCNSA Exam (page: 13)
Palo Alto Networks Certified Network Security Administrator
Updated on: 01-Sep-2025

Viewing Page 13 of 79
PCNSA PDF 420 Questions

Which Security Profile mitigates attacks based on packet count?

  1. zone protection profile
  2. URL filtering profile
  3. antivirus profile
  4. vulnerability profile

Answer(s): A



Which interface type uses virtual routers and routing protocols?

  1. Tap
  2. Layer3
  3. Virtual Wire
  4. Layer2

Answer(s): B



Which URL Filtering Profile action does not generate a log entry when a user attempts to access a URL?

  1. Override
  2. Allow
  3. Block
  4. Continue

Answer(s): B


Reference:

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/url-filtering/url-filtering-concepts/url-filtering-profile-actions



An internal host needs to connect through the firewall using source NAT to servers of the internet.
Which policy is required to enable source NAT on the firewall?

  1. NAT policy with internal zone and internet zone specified
  2. post-NAT policy with external source and any destination address
  3. NAT policy with no internal or internet zone selected
  4. pre-NAT policy with external source and any destination address

Answer(s): A



Which Security Profile can provide protection against ICMP floods, based on individual combinations of a packet's source and destination IP addresses?

  1. DoS protection
  2. URL filtering
  3. packet buffering
  4. anti-spyware

Answer(s): A



Viewing Page 13 of 79



Share your comments for Palo Alto Networks PCNSA exam with other users:

Abdullah 9/29/2023 2:06:00 AM

good morning
Anonymous


ethiopia 8/2/2023 2:18:00 AM

seems good..
ETHIOPIA


A\MAM 6/27/2023 5:17:00 PM

q-6 ans-b correct. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-cli-quick-start/use-the-cli/commit-configuration-changes
UNITED STATES