ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCNSE

Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 15

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

If a URL is in multiple custom URL categories with different actions, which action will take priority?
When you navigate to Network: > GlobalProtect > Portals > Method section, which three options are available? (Choose three )
A network security engineer is attempting to peer a virtual router on a PAN-OS firewall with an external router using the BGP protocol. The peer relationship is not establishing. What command could the engineer run to see the current state of the BGP state between the two devices?
Which type of policy in Palo Alto Networks firewalls can use Device-ID as a match condition?
Based on the screenshots above, and with no configuration inside the Template Stack itself, what access will the device permit on its Management port?
A firewall administrator has been tasked with ensuring that all firewalls forward System logs to Panorama. In which section is this configured?
DRAG DROP An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple routing protocols, and the engineer is trying to determine routing priority Match the default Administrative Distances for each routing protocol.
An administrator analyzes the following portion of a VPN system log and notices the following issue "Received local id 10 10 1 4/24 type IPv4 address protocol 0 port 0, received remote id 10.1.10.4/24 type IPv4 address protocol 0 port 0." What is the cause of the issue?
Following a review of firewall logs for traffic generated by malicious activity, how can an administrator confirm that WildFire has identified a virus?
An engineer is reviewing policies after a PAN-OS upgrade What are the two differences between Highlight Unused Rules and the Rule Usage Hit counters immediately after a reboot?

Question 141

Report
Export
Collapse

An administrator wants multiple web servers In the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.22.

Based on the image, which NAT rule will forward web-browsing traffic correctly?

A.
A.
Answers
B.
B.
Answers
C.
C.
Answers
D.
D.
Answers
Suggested answer: B

Explanation:

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/networking/nat/nat-configuration- examples/destination-nat-exampleone-to-one-mapping.html

Question 142

Report
Export
Collapse

An engineer is tasked with enabling SSL decryption across the environment. What are three valid parameters of an SSL Decryption policy? (Choose three.)

A.
URL categories
A.
URL categories
Answers
B.
source users
B.
source users
Answers
C.
source and destination IP addresses
C.
source and destination IP addresses
Answers
D.
App-ID
D.
App-ID
Answers
E.
GlobalProtect HIP
E.
GlobalProtect HIP
Answers
Suggested answer: A, B, C

Explanation:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEZCA0 https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/decryption/define-traffic-to- decrypt/create-a-decryption-policy-rule

Question 143

Report
Export
Collapse

A firewall administrator has been tasked with ensuring that all Panorama-managed firewalls forward traffic logs to Panoram a. In which section is this configured?

A.
Panorama > Managed Devices
A.
Panorama > Managed Devices
Answers
B.
Monitor > Logs > Traffic
B.
Monitor > Logs > Traffic
Answers
C.
Device Groups > Objects > Log Forwarding
C.
Device Groups > Objects > Log Forwarding
Answers
D.
Templates > Device > Log Settings
D.
Templates > Device > Log Settings
Answers
Suggested answer: C

Explanation:

https://docs.paloaltonetworks.com/panorama/10-2/panorama-admin/manage-log- collection/configure-log-forwarding-to-panorama

Question 144

Report
Export
Collapse

An administrator discovers that a file blocked by the WildFire inline ML feature on the firewall is a false-positive action. How can the administrator create an exception for this particular file?

A.
Add partial hash and filename in the file section of the WildFire inline ML tab of the Antivirus profile.
A.
Add partial hash and filename in the file section of the WildFire inline ML tab of the Antivirus profile.
Answers
B.
Set the WildFire inline ML action to allow for that protocol on the Antivirus profile.
B.
Set the WildFire inline ML action to allow for that protocol on the Antivirus profile.
Answers
C.
Add the related Threat ID in the Signature exceptions tab of the Antivirus profile.
C.
Add the related Threat ID in the Signature exceptions tab of the Antivirus profile.
Answers
D.
Disable the WildFire profile on the related Security policy.
D.
Disable the WildFire profile on the related Security policy.
Answers
Suggested answer: A

Explanation:

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/threat-prevention/wildfire-inline- ml/configure-wildfire-inline-ml"The File Exceptions table allows you to define specific files that you do not want analyzed, such as false-positives.

To create a new file exception entry, Add a new entry and provide the partial hash, filename, and description of the file that you want to exclude from enforcement." https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-web-interface-help/ objects/objects- security-profiles-antivirus

Question 145

Report
Export
Collapse

A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443 A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents over HTTP(S). Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.

Which combination of service and application, and order of Security policy rules, needs to be configured to allow cJeartext web-browsing traffic to this server on tcp/443?

A.
Rule #1 application: web-browsing; service application-default; action: allow Rule #2- application: ssl; service: application-default; action: allow
A.
Rule #1 application: web-browsing; service application-default; action: allow Rule #2- application: ssl; service: application-default; action: allow
Answers
B.
Rule #1: application; web-browsing; service: service-https; action: allow Rule #2 application: ssl;service: application-default, action: allow
B.
Rule #1: application; web-browsing; service: service-https; action: allow Rule #2 application: ssl;service: application-default, action: allow
Answers
C.
Rule #1: application: web-browsing; service: service-http; action: allow Rule #2: application: ssl;service: application-default; action: allow
C.
Rule #1: application: web-browsing; service: service-http; action: allow Rule #2: application: ssl;service: application-default; action: allow
Answers
D.
Rule tf1 application: ssl; service: application-default; action: allow Rule #2 application; webbrowsing; service application-default; action: allow
D.
Rule tf1 application: ssl; service: application-default; action: allow Rule #2 application; webbrowsing; service application-default; action: allow
Answers
Suggested answer: B

Explanation:

This combination of service and application, and order of Security policy rules, allows clear-text web- browsing traffic to the server on tcp/443. The first rule matches the web-browsing application on the service-https service, which is a predefined service object that includes tcp/443 as the default port.The second rule matches the ssl application on the application-default service, which is a dynamic service object that includes the default ports for each application. This rule is needed to allow the decrypted ssl traffic to pass through the firewall after the Forward Proxy rule. The order of the rules is important because the firewall evaluates the rules from top to bottom and applies the first matching rule. https://live.paloaltonetworks.com/t5/general-topics/web-browsing-default-port-application/td- p/228859

Question 146

Report
Export
Collapse

The firewall identifies a popular application as an unKnown-tcp.

Which two options are available to identify the application? (Choose two.)

A.
Create a custom application.
A.
Create a custom application.
Answers
B.
Submit an App-ID request to Palo Alto Networks.
B.
Submit an App-ID request to Palo Alto Networks.
Answers
C.
Create a custom object for the application server.
C.
Create a custom object for the application server.
Answers
D.
Create a Security policy to identify the custom application.
D.
Create a Security policy to identify the custom application.
Answers
Suggested answer: A, B

Explanation:

You can create a custom app: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/app- id/use-application-objects-in-policy/create-a-custom-application or submit a request to PANhttps://www.paloaltonetworks.com/blog/submit-an-application/

Question 147

Report
Export
Collapse

An administrator is required to create an application-based Security policy rule to allow Evernote.

The Evernote application implicitly uses SSL and web browsing. What is the minimum the administrator needs to configure in the Security rule to allow only Evernote?

A.
Add the Evernote application to the Security policy rule, then add a second Security policy rule containing both HTTP and SSL.
A.
Add the Evernote application to the Security policy rule, then add a second Security policy rule containing both HTTP and SSL.
Answers
B.
Add the HTTP, SSL, and Evernote applications to the same Security policy
B.
Add the HTTP, SSL, and Evernote applications to the same Security policy
Answers
C.
Add only the Evernote application to the Security policy rule.
C.
Add only the Evernote application to the Security policy rule.
Answers
D.
Create an Application Override using TCP ports 443 and 80.
D.
Create an Application Override using TCP ports 443 and 80.
Answers
Suggested answer: C

Explanation:

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/app-id/applications-with-implicit- supportion:

Question 148

Report
Export
Collapse

DRAG DROP

An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple routing protocols, and the engineer is trying to determine routing priority Match the default Administrative Distances for each routing protocol.


Question 148
Correct answer: Question 148

Question 149

Report
Export
Collapse

Your company occupies one floor in a single building. You have two Active Directory domain controllers on a single network. The firewall's management-plane resources are lightly utilized.

Given the size of this environment, which User-ID collection method is sufficient?

A.
Citrix terminal server agent deployed on the network
A.
Citrix terminal server agent deployed on the network
Answers
B.
Windows-based agent deployed on each domain controller
B.
Windows-based agent deployed on each domain controller
Answers
C.
PAN-OS integrated agent deployed on the firewall
C.
PAN-OS integrated agent deployed on the firewall
Answers
D.
a syslog listener
D.
a syslog listener
Answers
Suggested answer: C

Question 150

Report
Export
Collapse

An engineer needs to permit XML API access to a firewall for automation on a network segment that is routed through a Layer 3 sub interface on a Palo Alto Networks firewall. However this network segment cannot access the dedicated management interface due to the Security policy Without changing the existing access to the management interface how can the engineer fulfill this request?

A.
Enable HTTPS in an Interface Management profile on the sub interface
A.
Enable HTTPS in an Interface Management profile on the sub interface
Answers
B.
Add the network segment's IP range to the Permitted IP Addresses list
B.
Add the network segment's IP range to the Permitted IP Addresses list
Answers
C.
Specify the subinterface as a management interface in Setup > Device > Interfaces
C.
Specify the subinterface as a management interface in Setup > Device > Interfaces
Answers
D.
Cnfigure a service route for HTTP to use the subinterface
D.
Cnfigure a service route for HTTP to use the subinterface
Answers
Suggested answer: A
Total 426 questions
Go to page: of 43
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms