pcnsa question 230 discussion

View all Palo Alto Networks Certified Network Security Administrator here
back to palo-alto-networks forum

Question 230

The Administrator profile PCNSA Admin is configured with an Authentication profile Authentication Sequence PCNSA.
The Authentication Sequence PCNSA has a profile list with four Authentication profiles:

Auth Profile LDAP
Auth Profile Radius
Auth Profile Local
Auth Profile TACACS
After a network outage, the LDAP server is no longer reachable. The RADIUS server is still reachable but has lost the PCNSA Admin username and password.

Which option describes the PCNSA Admin login capabilities after the outage?

  • A. Auth OK because of the Auth Profile TACACS
  • B. Auth KO because RADIUS server lost user and password for PCNSA Admin
  • C. Auth OK because of the Auth Profile Local
  • D. Auth KO because LDAP server is not reachable
Answer:

d

User Votes:
A
50%
B
50%
C 2 votes
50%
D
50%
Discussions
0 / 1000
sara123
1 month, 3 weeks ago

LDAP: Unreachable, so authentication fails for this method.
RADIUS: Unreachable for the PCNSA Admin username and password, so authentication fails for this method as well.
Local: Since the local authentication profile typically allows for local accounts stored on the device, if the PCNSA Admin account exists locally, authentication will succeed through this method.
TACACS: While it could potentially work if configured, the scenario does not indicate that the TACACS server is available or that the PCNSA Admin account exists there.

0