Question 1mediummultiple choice
Read the full Core Concepts explanation →PCNSA Core Concepts • Complete Question Bank
Complete PCNSA Core Concepts question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. admin@PA-500> show counter global | match tcp tcp-conn-init 1500 tcp-conn-established 1200 tcp-conn-closed 1400 tcp-conn-failed 200 tcp-conn-reset 100 tcp-conn-half-open 50 tcp-conn-timeout 30
Refer to the exhibit. show routing route 10.0.1.0/24 vr: default 10.0.1.0/24 via 10.0.0.2, interface ethernet1/3, metric 10, preference 10, route-type static via 10.0.0.3, interface ethernet1/4, metric 20, preference 10, route-type static via 10.0.0.4, interface ethernet1/5, metric 10, preference 30, route-type ospf
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Records session information
Records blocked attacks
Records web browsing activity
Records files sent for analysis
Refer to the exhibit. ``` admin@PA-220> show session id 12345 Session ID: 12345 Application: ssl Source IP: 10.1.1.100 Destination IP: 172.16.1.10 Source Port: 45012 Destination Port: 443 Source Zone: trust Destination Zone: dmz Ingress Interface: ethernet1/1 Egress Interface: ethernet1/2 NAT: source (10.1.1.100 -> 192.168.1.100) State: active -------------------------------------------------------------------------- ```
Refer to the exhibit.
```
! Firewall configuration snippet
security-rule {
name Allow-Web;
source-zone trust;
destination-zone dmz;
source-address 10.0.0.0/24;
destination-address 172.16.1.0/24;
application web-browsing;
service application-default;
action allow;
log-start;
log-end;
}
```Refer to the exhibit. ``` > show running security-policy Rule Name Source Zone Dest Zone App Action ---------------------------------------------------------------- 1: Block-SSH any any ssh deny 2: Allow-SSH-Admin trust untrust ssh allow 3: Allow-Web trust untrust web-browsing allow ```
Refer to the exhibit. show security-policy 1. From trust -> untrust, source any, destination any, application any, service any, action allow, schedule none, log start none, log end yes 2. From trust -> untrust, source any, destination any, application ssl, service application-default, action deny, schedule none, log start no, log end yes 3. From trust -> untrust, source any, destination any, application web-browsing, service application-default, action allow, schedule none, log start no, log end yes
Refer to the exhibit. configure edit vsys1 set rulebase nat rules mynat set destination nat set original-packet source-zone trust set original-packet destination-address 203.0.113.10 set original-packet destination-port 80 set translated-packet source-zone trust set translated-packet destination-address 10.0.0.5 set translated-packet destination-port 80
Refer to the exhibit.
```
> show security-rule rule1
rule "rule1" {
from untrust;
to trust;
source [10.1.1.0/24];
negate-source yes;
destination any;
application any;
service any;
action allow;
}
```