QUESTION: 25

An administrator receives a global notification for a new malware that infects hosts. The infection will result in the infected host attempting to contact a command- and-control (C2) server.
Which two security profile components will detect and prevent this threat after the firewall's signature database has been updated? (Choose two.)

vulnerability protection profile applied to outbound security policies
anti-spyware profile applied to outbound security policies
antivirus profile applied to outbound security policies
URL filtering profile applied to outbound security policies

Answer(s): B,C

Reference:

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/policy/create-best-practice-security-profiles

Reveal Solution Next Question

QUESTION: 26

At which stage of the Cyber-Attack Lifecycle would the attacker attach an infected PDF file to an email?

Delivery
Reconnaissance
Command and Control
Exploitation

Answer(s): D

Reveal Solution Next Question

QUESTION: 27

Identify the correct order to configure the PAN-OS integrated USER-ID agent.

3. add the service account to monitor the server(s)
2. define the address of the servers to be monitored on the firewall
4. commit the configuration, and verify agent connection status
1. create a service account on the Domain Controller with sufficient permissions to execute the User- ID agent

2-3-4-1
1-4-3-2
3-1-2-4
1-3-2-4

Answer(s): D

Reveal Solution Next Question

QUESTION: 28

Users from the internal zone need to be allowed to Telnet into a server in the DMZ zone.
Complete the security policy to ensure only Telnet is allowed.
Security Policy: Source Zone: Internal to DMZ Zone __________services `Application defaults`, and action = Allow

Destination IP: 192.168.1.123/24
Application = "Telnet"
Log Forwarding
USER-ID = "Allow users in Trusted"

Answer(s): B

Reveal Solution Next Question

Free PCNSA Exam Braindumps (page: 8)

QUESTION: 25

Reference:

QUESTION: 26

QUESTION: 27

QUESTION: 28

PCNSA Exam Discussions & Posts