Get Palo Alto Networks PCNSA Exam Dumps

Answer : B

The Type attribute column in the NGFW traffic logs indicates whether the log entry is for the start or end of the session. The possible values are START, END, DROP, DENY, and INVALID. The START value means that the log entry is for the start of the session, and the END value means that the log entry is for the end of the session.The other values indicate that the session was terminated by the firewall for various reasons12.Reference:Traffic Log Fields,Session Log Best Practices

Answer : D

The Policy Optimizer feature enables an administrator to review the Security policy rule base for unused rules, unused applications, and shadowed rules. The Policy Optimizer provides information and recommendations to help optimize the Security policy rules and reduce the attack surface.The Policy Optimizer can also identify rules that can be converted to use App-ID instead of port-based criteria12.Reference:Policy Optimizer,Tips & Tricks: How to Identify Unused Policies on a Palo Alto Networks Device

Answer : A, B

Answer : B

A server profile identifies the external authentication service and instructs the firewall on how to connect to that authentication service and access the authentication credentials for your users. To configure SAML authentication, you must create a server profile and register the firewall and the identity provider (IdP) with each other. You can import a SAML metadata file from the IdP to automatically create a server profile and populate the connection, registration, and IdP certificate information.Reference:Configure SAML Authentication,Set Up SAML Authentication,Introduction to SAML

Answer : A, D, E

The application characteristics can be found in three places on the PAN-OS interface: Objects tab > Application Filters, Objects tab > Application Groups, and Objects tab > Applications. These places allow you to view and manage the applications and application groups that are used in your Security policy rules.You can also create custom applications and application filters based on various attributes, such as category, subcategory, technology, risk, and behavior1. Some of the characteristics of these places are:

Objects tab > Application Filters: An application filter is a dynamic object that groups applications based on specific criteria. You can use an application filter to match multiple applications in a Security policy rule without having to list them individually. For example, you can create an application filter that includes all applications that have a high risk level or use peer-to-peer technology.

Objects tab > Application Groups: An application group is a static object that groups applications based on your custom requirements. You can use an application group to match multiple applications in a Security policy rule without having to list them individually. For example, you can create an application group that includes all applications that are related to a specific business function or project.

Objects tab > Applications: An application is an object that identifies and classifies network traffic based on App-ID, which is a technology that uses multiple attributes to identify applications. You can use an application to match a specific application in a Security policy rule and control its access and behavior. For example, you can use an application to allow web browsing but block file sharing or social networking.