ExamGecko
Search Search Login
Ask QuestionAsk Question

Palo Alto Networks PCNSC Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An existing customer who has deployed several Palo Alto Networks Next-Generation Firewalls would like to start using Device-ID to obtain policy rule recommendations They have also purchased a Support license, a Threat license a URL Filtering license, and a WildFire license for each firewall What additional license do they need to purchase'?
A customer is adding a new site-to-site tunnel from a Palo Alto Networks NGFW to a third party with a policy based VPN peer After the initial configuration is completed and the changes are committed, phase 2 fails to establish Which two changes may be required to fix the issue? (Choose two)
Which of the following WildFire action settings will ensure that a malicious file is quarantined and prevented from spreading?
How can you verify that a new security policy is correctly blocking traffic without disrupting the network?
A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an 'allow any' rule What should the consultant say about Expedition?
What is the maximum number of virtual systems supported by a Palo Alto Networks VM-300 firewall?
Which firewall interface type allows you to non-disruptively monitor traffic coming from a port operating in promiscuous mode?
Which touting configuration should you recommend lo a customer who wishes lo actively use multiple pathways to the same destination?
In an HA (High Availability) setup, what is the purpose of the HA3 link?
Which of the following is NOT a benefit of using App-ID?

Question 1

Report
Export
Collapse

TAC has requested a PCAP on your Panorama lo see why the DNS app is having intermittent issues resolving FODN What is the appropriate CLI command1*

A.
tcp dump snaplen 53 filter 'tcp 53'
A.
tcp dump snaplen 53 filter 'tcp 53'
Answers
B.
tcpdump snaplen 0 filter 'port 53'
B.
tcpdump snaplen 0 filter 'port 53'
Answers
C.
tcp dump snap-en 0 filter 'app dns'
C.
tcp dump snap-en 0 filter 'app dns'
Answers
D.
tcpdump snaplen 53 filter 'port 53'
D.
tcpdump snaplen 53 filter 'port 53'
Answers
Suggested answer: B

Explanation:

To capture a PCAP on your Panorama to troubleshoot DNS resolution issues, the appropriate CLI command is:

B . tcpdump snaplen 0 filter 'port 53'

This command captures packets with no size limit (snaplen 0) and filters the traffic for port 53, which is used by DNS. This is the most straightforward and comprehensive way to capture all DNS traffic for analysis.

Palo Alto Networks - Using tcpdump on PAN-OS: https://knowledgebase.paloaltonetworks.com

Palo Alto Networks - Troubleshooting Network Connectivity Issues: https://docs.paloaltonetworks.com

asked 23/09/2024
Hassene SAADI
39 questions

Question 2

Report
Export
Collapse

Examine the configured Security policy rule Which day one/Iron Skillet Security Profile Group is used to secure the traffic that is permitted through this rule?

A.
Inbound
A.
Inbound
Answers
B.
Outbound
B.
Outbound
Answers
C.
Internal
C.
Internal
Answers
D.
Detautl
D.
Detautl
Answers
Suggested answer: C

Explanation:

The security policy rule shown in the image is configured to permit traffic from a source zone LAN-User-Zone to a destination zone Server-Zone. The applications allowed include tftp, ssl, and web-browsing, and the action is allow. According to Iron Skillet day one configurations, which provide best practice security profiles for immediate deployment, the relevant security profile group used to secure internal traffic like this is the Internal profile group.

Iron Skillet provides predefined configuration templates including security profile groups like Internal, External, and others to quickly secure traffic according to typical deployment scenarios.

Palo Alto Networks - Iron Skillet Documentation: https://github.com/PaloAltoNetworks/iron-skillet

asked 23/09/2024
Ramesh K
42 questions

Question 3

Report
Export
Collapse

Which of the following is a primary use case for the Decryption Broker feature?

A.
Managing multiple decryption rules
A.
Managing multiple decryption rules
Answers
B.
Sharing decrypted traffic with multiple security appliances
B.
Sharing decrypted traffic with multiple security appliances
Answers
C.
Decrypting outbound SSL traffic
C.
Decrypting outbound SSL traffic
Answers
D.
Aggregating traffic logs from different sources
D.
Aggregating traffic logs from different sources
Answers
Suggested answer: B
asked 23/09/2024
Tarnauceanu Diana
40 questions

Question 4

Report
Export
Collapse

How can you ensure that a Palo Alto Networks firewall does not block traffic during a software update?

A.
Enable the Suspend Traffic During Upgrade option
A.
Enable the Suspend Traffic During Upgrade option
Answers
B.
Schedule the upgrade during a maintenance window
B.
Schedule the upgrade during a maintenance window
Answers
C.
Configure session synchronization
C.
Configure session synchronization
Answers
D.
Use the High Availability feature
D.
Use the High Availability feature
Answers
Suggested answer: B
asked 23/09/2024
Rajiv Ranjan
52 questions

Question 5

Report
Export
Collapse

Which CLI command is used to verify the high availability state of a Palo Alto Networks firewall?

A.
show high-availability state
A.
show high-availability state
Answers
B.
show ha state
B.
show ha state
Answers
C.
show ha status
C.
show ha status
Answers
D.
show high-availability status
D.
show high-availability status
Answers
Suggested answer: C
asked 23/09/2024
Gina Diaz
33 questions

Question 6

Report
Export
Collapse

In Panorama, what is the correct order of precedence for security policies?

A.
Device group pre-rules, shared pre-rules, local rules, device group post-rules, shared post-rules
A.
Device group pre-rules, shared pre-rules, local rules, device group post-rules, shared post-rules
Answers
B.
Shared pre-rules, device group pre-rules, local rules, shared post-rules, device group post-rules
B.
Shared pre-rules, device group pre-rules, local rules, shared post-rules, device group post-rules
Answers
C.
Shared pre-rules, device group pre-rules, local rules, device group post-rules, shared post-rules
C.
Shared pre-rules, device group pre-rules, local rules, device group post-rules, shared post-rules
Answers
D.
Device group pre-rules, shared pre-rules, local rules, shared post-rules, device group post-rules
D.
Device group pre-rules, shared pre-rules, local rules, shared post-rules, device group post-rules
Answers
Suggested answer: C
asked 23/09/2024
miquel martin leiva
42 questions

Question 7

Report
Export
Collapse

A firewall that was previously connected lo a User-ID agent server now shows disconnected What is the likely cause?

A.
The server has stopped listening on port 2010
A.
The server has stopped listening on port 2010
Answers
B.
The Domain Controller service account has been locked out
B.
The Domain Controller service account has been locked out
Answers
C.
The agent is not running
C.
The agent is not running
Answers
D.
The firewall was upgraded to a PAN-OS version that is not compatible with the agent version
D.
The firewall was upgraded to a PAN-OS version that is not compatible with the agent version
Answers
Suggested answer: D

Explanation:

If a firewall that was previously connected to a User-ID agent server now shows disconnected, the likely cause is:

D . The firewall was upgraded to a PAN-OS version that is not compatible with the agent version

When a firewall is upgraded to a new version of PAN-OS, there can be compatibility issues with the existing User-ID agent if it is not updated accordingly. This can result in the firewall being unable to communicate with the User-ID agent, showing it as disconnected.

Palo Alto Networks - User-ID Agent Compatibility: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/user-id/user-id-agent

asked 23/09/2024
Bruno Piovan
27 questions

Question 8

Report
Export
Collapse

A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an 'allow any' rule

What should the consultant say about Expedition?

A.
Expedition cannot parse log files and therefore cannot be used for this purpose
A.
Expedition cannot parse log files and therefore cannot be used for this purpose
Answers
B.
By using the Machine Learning feature Expedition can parse the traffic log files related to the polcy and extract security rules for matching traffic
B.
By using the Machine Learning feature Expedition can parse the traffic log files related to the polcy and extract security rules for matching traffic
Answers
C.
Live firewall traffic can be viewed on Expedition when connected to a firewall, and Expedition can automatically create and push policies to the firewall
C.
Live firewall traffic can be viewed on Expedition when connected to a firewall, and Expedition can automatically create and push policies to the firewall
Answers
D.
The log files can be viewed on Expedition, and right-clicking a log entry gives the option to create security policy from the log entry.
D.
The log files can be viewed on Expedition, and right-clicking a log entry gives the option to create security policy from the log entry.
Answers
Suggested answer: B

Explanation:

The Expedition tool can help the customer extract security policies from an 'allow any' rule by using its Machine Learning feature:

B . By using the Machine Learning feature, Expedition can parse the traffic log files related to the policy and extract security rules for matching traffic

Expedition can analyze traffic log files and apply machine learning algorithms to suggest security policies that match the observed traffic patterns. This helps in creating a more secure and granular policy set from a broad 'allow any' rule.

Palo Alto Networks - Expedition Documentation: https://live.paloaltonetworks.com/t5/expedition-migration-tool/ct-p/migration_tool

Palo Alto Networks - Using Machine Learning in Expedition: https://live.paloaltonetworks.com/t5/expedition-articles/expedition-machine-learning-overview/ta-p/260401

asked 23/09/2024
Petros Kapouleas
46 questions

Question 9

Report
Export
Collapse

In an environment using User-ID, what role does the User-ID agent play?

A.
It assigns IP addresses to users
A.
It assigns IP addresses to users
Answers
B.
It maps user identities to IP addresses
B.
It maps user identities to IP addresses
Answers
C.
It inspects traffic for malicious content
C.
It inspects traffic for malicious content
Answers
D.
It enforces security policies based on IP addresses
D.
It enforces security policies based on IP addresses
Answers
Suggested answer: B
asked 23/09/2024
George Morales
47 questions

Question 10

Report
Export
Collapse

Which two types of security profiles are recommended to protect against known and unknown threats? (Choose two)

A.
Antivirus
A.
Antivirus
Answers
B.
URL Filtering
B.
URL Filtering
Answers
C.
Anti-Spyware
C.
Anti-Spyware
Answers
D.
File Blocking
D.
File Blocking
Answers
Suggested answer: A, C
asked 23/09/2024
Alexandra Peralta Reyes
43 questions
Total 60 questions
Go to page: of 6
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy policy
Terms
Disclaimer
Refund policy
Copyright
Twitter X
Facebook
Medium