Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Palo Alto Networks
  3. PCNSA

Palo Alto Networks PCNSA Exam (page: 15)
Palo Alto Networks Certified Network Security Administrator
Updated on: 01-Sep-2025

Viewing Page 15 of 79
PCNSA PDF 420 Questions

How do you reset the hit count on a Security policy rule?

  1. Select a Security policy rule, and then select Hit Count > Reset.
  2. Reboot the data-plane.
  3. First disable and then re-enable the rule.
  4. Type the CLI command reset hitcount <POLICY-NAME>.

Answer(s): A



Given the topology, which zone type should you configure for firewall interface E1/1?

  1. Tap
  2. Tunnel
  3. Virtual Wire
  4. Layer3

Answer(s): A



Which interface type is part of a Layer 3 zone with a Palo Alto Networks firewall?

  1. Management
  2. High Availability
  3. Aggregate
  4. Aggregation

Answer(s): C



Which security policy rule would be needed to match traffic that passes between the Outside zone and Inside zone, but does not match traffic that passes within the zones?

  1. intrazone
  2. interzone
  3. universal
  4. global

Answer(s): B



Four configuration choices are listed, and each could be used to block access to a specific URL. If you configured each choice to block the same URL then which choice would be the last to block access to the URL?

  1. EDL in URL Filtering Profile
  2. Custom URL category in URL Filtering Profile
  3. Custom URL category in Security policy rule
  4. PAN-DB URL category in URL Filtering Profile

Answer(s): D



Viewing Page 15 of 79



Share your comments for Palo Alto Networks PCNSA exam with other users:

Abdullah 9/29/2023 2:06:00 AM

good morning
Anonymous


ethiopia 8/2/2023 2:18:00 AM

seems good..
ETHIOPIA


A\MAM 6/27/2023 5:17:00 PM

q-6 ans-b correct. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-cli-quick-start/use-the-cli/commit-configuration-changes
UNITED STATES