ExamGecko

Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 41

Question list
Search
Search

List of questions

Search

Related questions











Question 401

Report
Export
Collapse

A firewall engineer supports a mission-critical network that has zero tolerance for application downtime. A best-practice action taken by the engineer is configure an applications and Threats update schedule with a new App-ID threshold of 48 hours. Which two additional best-practice guideline actions should be taken with regard to dynamic updates? (Choose two.)

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 402

Report
Export
Collapse

All firewall at a company are currently forwarding logs to Palo Alto Networks log collectors. The company also wants to deploy a sylog server and forward all firewall logs to the syslog server and to the log collectors. There is known logging peak time during the day, and the security team has asked the firewall engineer to determined how many logs per second the current Palo Alto Networking log processing at that particular time. Which method is the most time-efficient to complete this task?

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 403

Report
Export
Collapse

All firewall at a company are currently forwarding logs to Palo Alto Networks log collectors. The company also wants to deploy a sylog server and forward all firewall logs to the syslog server and to the log collectors. There is known logging peak time during the day, and the security team has asked the firewall engineer to determined how many logs per second the current Palo Alto Networking log processing at that particular time. Which method is the most time-efficient to complete this task?

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 404

Report
Export
Collapse

An administrator is assisting a security engineering team with a decryption rollout for inbound and forward proxy traffic. Incorrect firewall sizing is preventing the team from decrypting all of the traffic they want to decrypt. Which three items should be prioritized for decryption? (Choose three.)

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 405

Report
Export
Collapse

A firewall administrator wants to be able at to see all NAT sessions that are going 'through a firewall with source NAT. Which CLI command can the administrator use?

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 406

Report
Export
Collapse

Following a review of firewall logs for traffic generated by malicious activity, how can an administrator confirm that WildFire has identified a virus?

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 407

Report
Export
Collapse

A customer wants to deploy User-ID on a Palo Alto Network NGFW with multiple vsys. One of the vsys will support a GlobalProtect portal and gateway. the customer uses Windows

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 408

Report
Export
Collapse

The server team is concerned about the high volume of logs forwarded to their syslog server, it is determined that DNS is generating the most logs per second. The risk and compliance team requests that any Traffic logs indicating port abuse of port 53 must still be forwarded to syslog. All other DNS. Traffic logs can be exclude from syslog forwarding. How should syslog log forwarding be configured?

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 409

Report
Export
Collapse

An administrator needs to assign a specific DNS server to an existing template variable. Where would the administrator go to edit a template variable at the device level?

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member

Question 410

Report
Export
Collapse

A firewall administrator is configuring an IPSec tunnel between a company's HQ and a remote location. On the HQ firewall, the interface used to terminate the IPSec tunnel has a static IP. At the remote location, the interface used to terminate the IPSec tunnel has a DHCP assigned IP address.

Which two actions are required for this scenario to work? (Choose two.)

Become a Premium Member for full access
Unlock Premium Member  Unlock Premium Member
Total 470 questions
Go to page: of 47