Palo Alto Networks Certified Network Security Administrator (PCNSA) — Question 352

The administrator profile "SYS01 Admin" is configured with authentication profile "Authentication Sequence SYS01," and the authentication sequence SYS01 has a profile list with four authentication profiles:

• Auth Profile LDAP
• Auth Profile Radius
• Auth Profile Local
• Auth Profile TACACS

After a network outage, the LDAP server is no longer reachable. The RADIUS server is still reachable but has lost the "SYS01 Admin" username and password.

What is the "SYS01 Admin" login capability after the outage?

Answer options

• A. Auth KO because RADIUS server lost user and password for SYS01 Admin
• B. Auth OK because of the Auth Profile TACACS
• C. Auth OK because of the Auth Profile Local
• D. Auth KO because LDAP server is not reachable

Correct answer: C

Explanation

'SYS01 Admin' can still authenticate successfully using the Auth Profile Local, which provides local credentials for access. The other options are incorrect as RADIUS has lost the necessary user information, TACACS is not being utilized in this scenario, and LDAP being unreachable does not affect local authentication.