ExamGecko
Home / Palo Alto Networks / PCNSE / List of questions
Ask Question

Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 35

Add to Whishlist

List of questions

Question 341

Report Export Collapse

An administrator has been tasked with configuring decryption policies,

Which decryption best practice should they consider?

Become a Premium Member for full access
  Unlock Premium Member

Question 342

Report Export Collapse

An engineer needs to configure a standardized template for all Panorama-managed firewalls. These settings will be configured on a template named 'Global' and will be included in all template stacks.

Which three settings can be configured in this template? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 343

Report Export Collapse

An engineer is monitoring an active/active high availability (HA) firewall pair.

Which HA firewall state describes the firewall that is currently processing traffic?

Become a Premium Member for full access
  Unlock Premium Member

Question 344

Report Export Collapse

When you import the configuration of an HA pair into Panorama, how do you prevent the import from affecting ongoing traffic?

Become a Premium Member for full access
  Unlock Premium Member

Question 345

Report Export Collapse

An engineer is troubleshooting a traffic-routing issue.

What is the correct packet-flow sequence?

Become a Premium Member for full access
  Unlock Premium Member

Question 346

Report Export Collapse

A consultant advises a client on designing an explicit Web Proxy deployment on PAN-OS 11 0 The client currently uses RADIUS authentication in their environment

Which two pieces of information should the consultant provide regarding Web Proxy authentication? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 347

Report Export Collapse

A root cause analysis investigation into a recent security incident reveals that several decryption rules have been disabled. The security team wants to generate email alerts when decryption rules are changed.

How should email log forwarding be configured to achieve this goal?

Become a Premium Member for full access
  Unlock Premium Member

Question 348

Report Export Collapse

A firewall administrator is configuring an IPSec tunnel between Site A and Site B. The Site A firewall uses a DHCP assigned address on the outside interface of the firewall, and the Site B firewall uses a static IP address assigned to the outside interface of the firewall. However, the use of dynamic peering is not working.

Refer to the two sets of configuration settings provided. Which two changes will allow the configurations to work? (Choose two.)

Site A configuration:

Palo Alto Networks PCNSE image Question 348 54585 09232024001220000000

Become a Premium Member for full access
  Unlock Premium Member

Question 349

Report Export Collapse

A firewall administrator configures the HIP profiles on the edge firewall where GlobalProtect is enabled, and adds the profiles to security rules. The administrator wants to redistribute the HIP reports to the data center firewalls to apply the same access restrictions using HIP profiles. However, the administrator can only see the HIP match logs on the edge firewall but not on the data center firewall

What are two reasons why the administrator is not seeing HIP match logs on the data center firewall? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 350

Report Export Collapse

Why are external zones required to be configured on a Palo Alto Networks NGFW in an environment with multiple virtual systems?

Become a Premium Member for full access
  Unlock Premium Member
Total 499 questions
Go to page: of 50
Search

Related questions