Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 30

When an engineer configures an active/active high availability pair, which two links can they use?

(Choose two)

Which new PAN-OS 11.0 feature supports Pv6 traffic?

Information Security is enforcing group-based policies by using security-event monitoring on Windows User-ID agents for IP-to-User mapping in the network. During the rollout, Information Security identified a gap for users authenticating to their VPN and wireless networks. Root cause analysis showed that users were authenticating via RADIUS and that authentication events were not captured on the domain controllers that were being monitored Information Security found that authentication events existed on the Identity Management solution (IDM). There did not appear to be direct integration between PAN-OS and the IDM solution

How can Information Security extract and learn iP-to-user mapping information from authentication events for VPN and wireless users?

A company has recently migrated their branch office's PA-220S to a centralized Panorama. This Panorama manages a number of PA-7000 Series and PA-5200 Series devices All device group and template configuration is managed solely within Panorama

They notice that commit times have drastically increased for the PA-220S after the migration

What can they do to reduce commit times?

In a template, which two objects can be configured? (Choose two.)

Phase two of a VPN will not establish a connection. The peer is using a policy-based VPN configuration. What part of the configuration should the engineer verify'?

Which three external authentication services can the firewall use to authenticate admins into the Palo Alto Networks NGFW without creating administrator account on the firewall? (Choose three.)

ln a security-first network, what is the recommended threshold value for apps and threats to be dynamically updated?

Which DoS Protection Profile detects and prevents session exhaustion attacks against specific destinations?