Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Palo Alto Networks
  3. PCNSA

Palo Alto Networks PCNSA Exam (page: 8)
Palo Alto Networks Certified Network Security Administrator
Updated on: 01-Sep-2025

Viewing Page 8 of 79
PCNSA PDF 420 Questions

Which administrator type utilizes predefined roles for a local administrator account?

  1. Superuser
  2. Role-based
  3. Dynamic
  4. Device administrator

Answer(s): C


Reference:

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-cli-quick-start/get-started-with-the-cli/give-administrators-access-to-the-cli/administrative-privileges?PageSpeed=noscript



Which two security profile types can be attached to a security policy? (Choose two.)

  1. antivirus
  2. DDoS protection
  3. threat
  4. vulnerability

Answer(s): A,D


Reference:

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/policy/security-profiles



The CFO found a USB drive in the parking lot and decide to plug it into their corporate laptop. The USB drive had malware on it that loaded onto their computer and then contacted a known command and control (CnC) server, which ordered the infected machine to begin Exfiltrating data from the laptop.
Which security profile feature could have been used to prevent the communication with the CnC server?

  1. Create an anti-spyware profile and enable DNS Sinkhole
  2. Create an antivirus profile and enable DNS Sinkhole
  3. Create a URL filtering profile and block the DNS Sinkhole category
  4. Create a security policy and enable DNS Sinkhole

Answer(s): A


Reference:

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-web-interface-help/objects/objects-security-profiles-anti-spyware-profile



Which user mapping method could be used to discover user IDs in an environment with multiple Windows domain controllers?

  1. Active Directory monitoring
  2. Windows session monitoring
  3. Windows client probing
  4. domain controller monitoring

Answer(s): D



Which three statements describe the operation of Security policy rules and Security Profiles? (Choose three.)

  1. Security policy rules are attached to Security Profiles.
  2. Security Profiles are attached to Security policy rules.
  3. Security Profiles should be used only on allowed traffic.
  4. Security policy rules inspect but do not block traffic.
  5. Security policy rules can block or allow traffic.

Answer(s): B,C,E



Viewing Page 8 of 79



Share your comments for Palo Alto Networks PCNSA exam with other users:

Abdullah 9/29/2023 2:06:00 AM

good morning
Anonymous


ethiopia 8/2/2023 2:18:00 AM

seems good..
ETHIOPIA


A\MAM 6/27/2023 5:17:00 PM

q-6 ans-b correct. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-cli-quick-start/use-the-cli/commit-configuration-changes
UNITED STATES