Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 236

The Net Sec Manager asked to create a new Firewall Operator profile with customized privileges.
In particular, the new firewall operator should be able to:

Check the configuration with read-only privilege for LDAP, RADIUS, TACACS+, and SAML as Server profiles to be used inside an Authentication profile.

The firewall operator should not be able to access anything else.

What is the right path m order to configure the new firewall Administrator Profile?

Answer options

• A. Device > Admin Roles > Add > Web UI > Device > Server Profiles Device > Admin Roles > Add > Web UI > disable access to everything else
• B. Device > Admin Roles > Add > Web UI > Objects > Server Profiles Device > Admin Roles > Add > Web UI > disable access to everything else
• C. Device > Admin Roles > Add >Web UI > Objects > Authentication Profile Device > Admin Roles > Add > Web UI > disable access to everything else
• D. Device > Admin Roles > Add > Web UI > Device > Authentication Profile Device > Admin Roles > Add > Web UI > disable access to everything else

Correct answer: A

Explanation

Option A is correct because it specifically allows access to the Server Profiles, which is necessary for the read-only configuration of LDAP, RADIUS, TACACS+, and SAML. The other options either direct access to the wrong sections or focus on Authentication Profiles instead of Server Profiles, which does not meet the requirement of the task.