Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 37

When you troubleshoot an SSL Decryption issue, which PAN-OS CL1 command do you use to check the details of the Forward Trust certificate. Forward Untrust certificate, and SSL Inbound Inspection certificate?

Which server platforms can be monitored when a company is deploying User-ID through server monitoring in an environment with diverse directory services?

Which two actions must an engineer take to configure SSL Forward Proxy decryption? (Choose two.)

Which two items must be configured when implementing application override and allowing traffic through the firewall? (Choose two.)

Which log type is supported in the Log Forwarding profile?

A firewall engineer needs to update a company's Panorama-managed firewalls to the latest version of PAN-OS. Strict security requirements are blocking internet access to Panorama and to the firewalls. The PAN-OS images have previously been downloaded to a secure host on the network.

Which path should the engineer follow to deploy the PAN-OS images to the firewalls?

Which function does the HA4 interface provide when implementing a firewall cluster which contains firewalls configured as active-passive pairs?

An administrator has a Palo Alto Networks NGFW. All security subscriptions and decryption are enabled and the system is running close to its resource limits.

Knowing that using decryption can be resource-intensive, how can the administrator reduce the load on the firewall?

A security engineer wants to upgrade the company's deployed firewalls from PAN-OS 10.1 to 11.0.x to take advantage of the new TLSvl.3 support for management access.

What is the recommended upgrade path procedure from PAN-OS 10.1 to 11.0.x?