ExamGecko
Login
Home / Palo Alto Networks / PCNSE / List of questions
Ask Question

Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 24

List of questions

Question 231

Report Export Collapse

A security engineer received multiple reports of an IPSec VPN tunnel going down the night before.

The engineer couldn't find any events related to VPN under system togs.

What is the likely cause?

Dead Peer Detection is not enabled.
Dead Peer Detection is not enabled.
Tunnel Inspection settings are misconfigured.
Tunnel Inspection settings are misconfigured.
The Tunnel Monitor is not configured.
The Tunnel Monitor is not configured.
The log quota for GTP and Tunnel needs to be adjusted
The log quota for GTP and Tunnel needs to be adjusted
Suggested answer: C
Explanation:

This means that the firewall does not have a mechanism to monitor the status of the IPSec VPN tunnel and generate logs when it goes down or up. The Tunnel Monitor is an optional feature that can be enabled on each IPSec tunnel interface and it uses ICMP probes to check the connectivity of the tunnel peer. If the firewall does not receive a response from the peer after a specified number of retries, it marks the tunnel as down and logs an event1.

asked 23/09/2024
Dang Xuan Bao
45 questions

Question 232

Report Export Collapse

How should an administrator enable the Advance Routing Engine on a Palo Alto Networks firewall?

Enable Advanced Routing Engine in Device > Setup > Session > Session Settings, then commit and reboot.
Enable Advanced Routing Engine in Device > Setup > Session > Session Settings, then commit and reboot.
Enable Advanced Routing in Network > Virtual Routers > Redistribution Profiles and then commit.
Enable Advanced Routing in Network > Virtual Routers > Redistribution Profiles and then commit.
Enable Advanced Routing in Network > Virtual Routers > Router Settings > General, then commit and reboot.
Enable Advanced Routing in Network > Virtual Routers > Router Settings > General, then commit and reboot.
Enable Advanced Routing in General Settings of Device > Setup > Management, then commit and reboot
Enable Advanced Routing in General Settings of Device > Setup > Management, then commit and reboot
Suggested answer: C
Explanation:

Enable Advanced Routing in Network > Virtual Routers > Router Settings > General, then commit and reboot1. This means that the administrator can enable advanced routing features such as RIB filtering, BFD, multicast, and redistribution profiles for each virtual router on the firewall. The firewall requires a reboot after enabling advanced routing to apply the changes.

asked 23/09/2024
Narender B
38 questions

Question 233

Report Export Collapse

A firewall engineer creates a new App-ID report under Monitor > Reports > Application Reports > New Application to monitor new applications on the network and better assess any Security policy updates the engineer might want to make.

How does the firewall identify the New App-ID characteristic?

It matches to the New App-IDs downloaded in the last 30 days.
It matches to the New App-IDs downloaded in the last 30 days.
It matches to the New App-IDs downloaded in the last 90 days
It matches to the New App-IDs downloaded in the last 90 days
It matches to the New App-IDs installed since the last time the firewall was rebooted
It matches to the New App-IDs installed since the last time the firewall was rebooted
It matches to the New App-IDs in the most recently installed content releases.
It matches to the New App-IDs in the most recently installed content releases.
Suggested answer: D
Explanation:

When creating a new App-ID report under Monitor > Reports > Application Reports > New Application, the firewall identifies new applications based on the New App-IDs in the most recently installed content releases. The New App-IDs are the application signatures that have been added in the latest content release, which can be found under Objects > Security Profiles > Application. This allows the engineer to monitor any new applications that have been added to the firewall's database and evaluate whether to allow or block them with a Security policy update.

asked 23/09/2024
CCF AG Alexander Seidler
36 questions

Question 234

Report Export Collapse

An organization conducts research on the benefits of leveraging the Web Proxy feature of PAN-OS 11.0.

What are two benefits of using an explicit proxy method versus a transparent proxy method?

(Choose two.)

No client configuration is required for explicit proxy, which simplifies the deployment complexity.
No client configuration is required for explicit proxy, which simplifies the deployment complexity.
Explicit proxy allows for easier troubleshooting, since the client browser is aware of the existence of the proxy.
Explicit proxy allows for easier troubleshooting, since the client browser is aware of the existence of the proxy.
Explicit proxy supports interception of traffic using non-standard HTTPS ports.
Explicit proxy supports interception of traffic using non-standard HTTPS ports.
It supports the X-Authenticated-User (XAU) header, which contains the authenticated username in the outgoing request
It supports the X-Authenticated-User (XAU) header, which contains the authenticated username in the outgoing request
Suggested answer: B, C
Explanation:

B. Explicit proxy allows for easier troubleshooting, since the client browser is aware of the existence of the proxy12. This means that the client can see the proxy's IP address and port number, and can use tools like ping or traceroute to check connectivity and latency issues. Transparent proxies are invisible to the client browser, which makes it harder to diagnose problems.

C. Explicit proxy supports interception of traffic using non-standard HTTPS ports3. This means thatthe proxy can handle HTTPS requests that use ports other than 443, which may be required by someapplications or websites. Transparent proxies can only intercept HTTPS traffic on port 443, whichlimits their functionality.

asked 23/09/2024
Adam Burdett
39 questions

Question 235

Report Export Collapse

What is the best definition of the Heartbeat Interval?

Become a Premium Member for full access
  Unlock Premium Member

Question 236

Report Export Collapse

An administrator wants to configure the Palo Alto Networks Windows User-ID agent to map IP addresses to usernames. The company uses four Microsoft Active Directory servers and two Microsoft Exchange servers, which can provide logs for login events.

All six servers have IP addresses assigned from the following subnet: 192.168 28.32/27. The Microsoft Active Directory servers reside in 192.168.28.32/28. and the Microsoft Exchange servers resideL in 192.168.28 48/28 What information does the administrator need to provide in the User Identification > Discovery section?

Become a Premium Member for full access
  Unlock Premium Member

Question 237

Report Export Collapse

A network engineer troubleshoots a VPN Phase 2 mismatch and decides that PFS (Perfect Forward Secrecy) needs to be enabled.

What action should the engineer take?

Become a Premium Member for full access
  Unlock Premium Member

Question 238

Report Export Collapse

A network security engineer configured IP multicast in the virtual router to support a new application. Users in different network segments are reporting that they are unable to access the application.

What must be enabled to allow an interface to forward multicast traffic?

Become a Premium Member for full access
  Unlock Premium Member

Question 239

Report Export Collapse

A super user is tasked with creating administrator accounts for three contractors. For compliance purposes, all three contractors will be working with different device-groups m their hierarchy to deploy policies and objects.

Which type of role-based access is most appropriate for this project?

Become a Premium Member for full access
  Unlock Premium Member

Question 240

Report Export Collapse

An engineer receives reports from users that applications are not working and that websites are only partially loading in an asymmetric environment. After investigating, the engineer observes the flow_tcp_non_syn_drop counter increasing in the show counters global output.

Which troubleshooting command should the engineer use to work around this issue?

Become a Premium Member for full access
  Unlock Premium Member
Total 470 questions
Go to page: of 47
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Before an administrator of a VM-500 can enable DoS and zone protection, what actions need to be taken?
Phase two of a VPN will not establish a connection. The peer is using a policy-based VPN configuration. What part of the configuration should the engineer verify'?
During the process of developing a decryption strategy and evaluating which websites are required for corporate users to access, several sites have been identified that cannot be decrypted due to technical reasons. In this case, the technical reason is unsupported ciphers. Traffic to these sites will therefore be blocked if decrypted How should the engineer proceed?
If a URL is in multiple custom URL categories with different actions, which action will take priority?
What is a correct statement regarding administrative authentication using external services with a local authorization method?
You are auditing the work of a co-worker and need to verify that they have matched the Palo Alto Networks Best Practices for Anti-Spyware Profiles. For which three severity levels should single-packet captures be enabled to meet the Best Practice standard? (Choose three.)
An administrator configures a site-to-site IPsec VPN tunnel between a PA-850 and an external customer on their policy-based VPN devices. What should an administrator configure to route interesting traffic through the VPN tunnel?
A company requires that a specific set of ciphers be used when remotely managing their Palo Alto Networks appliances. Which profile should be configured in order to achieve this?
When you navigate to Network: > GlobalProtect > Portals > Method section, which three options are available? (Choose three )
When you import the configuration of an HA pair into Panorama, how do you prevent the import from affecting ongoing traffic?