PCNSA Device Management and Services • Complete Question Bank
Complete PCNSA Device Management and Services question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. admin@PA-500> show system info | match uptime System time: Fri Aug 23 14:22:10 2024 Uptime: 0 days, 2:15:33 admin@PA-500> show system resources CPU: 45% Memory: 78% admin@PA-500> show session info Total active sessions: 85000 Max sessions: 100000 admin@PA-500> show running resource-monitor Resource: dataplane CPU: 89% Memory: 92%
Refer to the exhibit.
admin@PA-3020> show running security-policy
rulebase security rules
rule 1 name "Allow-Sales"
source [ 10.1.1.0/24 ]
destination [ 192.168.1.0/24 ]
application [ ms-sql ]
service [ tcp-1433 ]
action allow
log-start no
rule 2 name "Allow-HR"
source [ 10.1.2.0/24 ]
destination [ 192.168.2.0/24 ]
application [ web-browsing ]
service [ application-default ]
action allow
log-start yes
admin@PA-3020> show session id 12345
Source IP: 10.1.1.50
Destination IP: 192.168.1.100
Application: ssl
Service: tcp-443
admin@PA-3020> show log traffic | match 10.1.1.50
... no results ...> show system info hostname: PA-5250 model: PA-5250 sw-version: 10.1.3 app-version: 8340-5987 threat-version: 8340-5987 > show running ip-route destination: 0.0.0.0/0 nexthop: 10.0.0.1 interface: ethernet1/1 > show interface ethernet1/1 interface: ethernet1/1 state: up ip address: 10.0.0.2/24 zone: external > show interface ethernet1/2 interface: ethernet1/2 state: down ip address: 192.168.1.1/24 zone: internal
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Identifies applications regardless of port
Maps IP addresses to usernames
Inspects files and data for threats
Cloud-based malware analysis
VPN client for remote access
Drag a concept onto its matching description — or click a concept then click the description.
443
22
N/A (ICMP)
161
Drag a concept onto its matching description — or click a concept then click the description.
Threat Prevention
Decryption
User-ID
App-ID
show system resources CPU: user 10% system 5% idle 85% Memory: 4096MB total, 4000MB used Disk /dev/sda1: 20GB, 19GB used Logging partition: 100% used
template {
name "Chicago-FW-Config"
config {
deviceconfig {
system {
hostname "CHI-FW-01"
domain "example.com"
ip-address 192.168.1.1
netmask 255.255.255.0
default-gateway 192.168.1.254
}
}
network {
interface ethernet1/1 {
layer3 {
ip 10.0.0.1/24
}
profile "protect"
}
}
}
}{"type":"traffic","subtype":"end","from":"trust","to":"untrust","sourceip":"10.1.1.100","destip":"203.0.113.50","user":"jdoe","action":"allow","bytes_sent":1024,"bytes_received":2048}admin@PA-5000> show system info | include sw-version sw-version: 10.2.0
admin@PA-5000> show routing route ----------------------------------------- Flags: A: Active, C: Candidate, S: Static, D: Dynamic, R: RIP, O: OSPF ---[Virtual Router default]--- Destination Next Hop Interface Flags 0.0.0.0/0 10.0.0.1 ethernet1/1 A S 10.0.0.0/24 0.0.0.0 ethernet1/1 A C
admin@PA-5000> show jobs all Job ID: 12345 Type: Commit Status: Pending Submitted by: admin
Refer to the exhibit. ``` set deviceconfig setting ntp server "pool.ntp.org" set deviceconfig setting ntp server "time.google.com" set deviceconfig setting ntp sync-interval 30 ```
Refer to the exhibit. ``` > show system services status Service Status DNS proxy running NTP stopped SNMP running Syslog running ```
Refer to the exhibit. ``` 2023/11/12 10:00:00,error,general,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, "Management policy check failed: login from 10.0.0.1 denied because host is not allowed" ```
rulebase security rules
{
"rule1" : {
"action" : "allow",
"source" : [ "192.168.1.0/24" ],
"destination" : [ "10.0.0.0/8" ],
"application" : [ "web-browsing" ],
"service" : [ "application-default" ]
}
}<log> <type>threat</type> <subtype>intrusion</subtype> <severity>critical</severity> <action>drop</action> <src>192.168.10.5</src> <dst>10.10.10.1</dst> <app>ssl</app> <threatid>40000</threatid> </log>
<devices> <name>PA-220</name> <vlan>none</vlan> <ip>10.0.0.1/24</ip> <management-profile>allow-ping</management-profile> </devices>
admin@PA-500> show system info System info: Hostname: PA-500 Model: PA-500 - - - Time since last reboot: 120 days Free disk space: 70% Management IP: 192.168.1.1/24 Management gateway: 192.168.1.254 Management interface: ethernet1/0 DNS settings: - Primary: 8.8.8.8 - Secondary: 8.8.4.4
Refer to the exhibit.
admin@PA-500> show system state | match "ntp|time"
ntp-config:
ntp-servers {
primary-ntp-server {
address: pool.ntp.org;
}
secondary-ntp-server {
address: time.google.com;
}
}
ntp-admin-state: enabled;
ntp-sync-state: sync;
time-config:
timezone: America/New_York;
current-time: 2025-03-15 14:30:22;