ExamGecko

Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 41

A firewall engineer supports a mission-critical network that has zero tolerance for application downtime. A best-practice action taken by the engineer is to configure an Applications and Threats update schedule with a new App-ID threshold of 48 hours. Which two additional best-practice guideline actions should be taken with regard to dynamic updates? (Choose two.)

A. Create a Security policy rule with an application filter to always allow certain categories of new App-IDs.
B. Click 'Review Apps' after application updates are installed in order to assess how the changes might impact Security policy.
C. Select the action 'download-only' when configuring an Applications and Threats update schedule.
D. Configure an Applications and Threats update schedule with a threshold of 24 to 48 hours.
Suggested answer: B, C

All firewalls at a company are currently forwarding logs to Palo Alto Networks log collectors. The company also wants to deploy a syslog server and forward all firewall logs to the syslog server and to the log collectors. There is a known logging peak time during the day, and the security team has asked the firewall engineer to determine how many logs per second the current Palo Alto Networks log collectors are processing at that particular time. Which method is the most time-efficient to complete this task?

A. Navigate to Panorama > Managed Collectors, and open the Statistics windows for each Log Collector during the peak time.
B. Navigate to Monitor > Unified logs, set the filter to the peak time, and browse to the last page to find out how many logs have been received.
C. Navigate to Panorama > Managed Devices > Health, open the Logging tab for each managed firewall and check the log rates during the peak time.
D. Navigate to ACC > Network Activity, and determine the total number of sessions and threats during the peak time.
Suggested answer: A

An administrator is assisting a security engineering team with a decryption rollout for inbound and forward proxy traffic. Incorrect firewall sizing is preventing the team from decrypting all of the traffic they want to decrypt. Which three items should be prioritized for decryption? (Choose three.)

A. Financial, health, and government traffic categories
B. Known traffic categories
C. Known malicious IP space
D. Public-facing servers
E. Less-trusted internal IP subnets
Suggested answer: B, C, D

A firewall administrator wants to be able to see all NAT sessions that are going through a firewall with source NAT. Which CLI command can the administrator use?

A. show session all filter nat-rule-source
B. show running nat-rule-ippool rule 'rule_name'
C. show running nat-policy
D. show session all filter nat source
Suggested answer: D

Following a review of firewall logs for traffic generated by malicious activity, how can an administrator confirm that WildFire has identified a virus?

A. By navigating to Monitor > Logs > WildFire Submissions, applying filter '(subtype eq wildfire-virus)'
B. By navigating to Monitor > Logs > Threat, applying filter '(subtype eq wildfire-virus)'
C. By navigating to Monitor > Logs > Traffic, applying filter '(subtype eq virus)'
D. By navigating to Monitor > Logs > Threat, applying filter '(subtype eq virus)'
Suggested answer: A

A customer wants to deploy User-ID on a Palo Alto Networks NGFW with multiple vsys. One of the vsys will support a GlobalProtect portal and gateway. The customer uses Windows

A. Deploy the GlobalProtect as a lee data hub.
B. Deploy Windows User-ID agents on each domain controller.
C. Deploy AILS integrated User-ID agent on each vsys.
D. Deploy an M-200 as a User-ID collector.
Suggested answer: A

The server team is concerned about the high volume of logs forwarded to their syslog server. It is determined that DNS is generating the most logs per second. The risk and compliance team requests that any Traffic logs indicating port abuse of port 53 must still be forwarded to syslog. All other DNS Traffic logs can be excluded from syslog forwarding. How should syslog log forwarding be configured?

A. With '(port.dst neq 53)' Traffic log filter inside Objects > Log Forwarding.
B. With '(port.dst neq 53)' Traffic log filter inside Device > Log Settings.
C. With '(app neq dns-base)' Traffic log filter inside Device > Log Settings.
D. With '(app neq dns-base)' Traffic log filter inside Objects > Log Forwarding.
Suggested answer: B

An administrator needs to assign a specific DNS server to an existing template variable. Where would the administrator go to edit a template variable at the device level?

A. 'Managed Devices > Device Association'
B. PDF Export under 'Panorama > Templates'
C. Variable CSV export under 'Panorama > Templates'
D. Manage variables under 'Panorama > Templates'
Suggested answer: D

A firewall administrator is configuring an IPSec tunnel between a company's HQ and a remote location. On the HQ firewall, the interface used to terminate the IPSec tunnel has a static IP. At the remote location, the interface used to terminate the IPSec tunnel has a DHCP assigned IP address.

Which two actions are required for this scenario to work? (Choose two.)

A. On the HQ firewall select peer IP address type FQDN
B. On the remote location firewall select peer IP address type Dynamic
C. On the HQ firewall enable DDNS under the interface used for the IPSec tunnel
D. On the remote location firewall enable DDNS under the interface used for the IPSec tunnel
Suggested answer: A, C
Total 426 questions