ExamGecko
Home / Palo Alto Networks / PCNSE / List of questions
Ask Question

Palo Alto Networks PCNSE Practice Test - Questions Answers, Page 44

Question list
Search

List of questions

Search

Related questions











Question 431

Report
Export
Collapse

While troubleshooting an issue, a firewall administrator performs a packet capture with a specific filter. The administrator sees drops for packets with a source IP address of 10.1.1.1.

How can the administrator further investigate these packet drops by looking at the global counters for this packet capture filter?

Become a Premium Member for full access
  Unlock Premium Member

Question 432

Report
Export
Collapse

What does the User-ID agent use to find login and logout events in syslog messages?

Become a Premium Member for full access
  Unlock Premium Member

Question 433

Report
Export
Collapse

An engineer configures a destination NAT policy to allow inbound access to an internal server in the DMZ. The NAT policy is configured with the following values:

- Source zone: Outside and source IP address 1.2.2.2

- Destination zone: Outside and destination IP address 2.2.2.1

The destination NAT policy translates IP address 2.2.2.1 to the real IP address 10.10.10.1 in the DMZ zone.

Which destination IP address and zone should the engineer use to configure the security policy?

Become a Premium Member for full access
  Unlock Premium Member

Question 434

Report
Export
Collapse

When configuring explicit proxy on a firewall, which interface should be selected under the Listening interface option?

Become a Premium Member for full access
  Unlock Premium Member

Question 435

Report
Export
Collapse

Which three sessions are created by a NGFW for web proxy? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 436

Report
Export
Collapse

A firewall engineer at a company is researching the Device Telemetry feature of PAN-OS. Which two aspects of the feature require further action for the company to remain compliant with local laws regarding privacy and data storage? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 437

Report
Export
Collapse

In which two scenarios would it be necessary to use Proxy IDs when configuring site-to-site VPN Tunnels? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 438

Report
Export
Collapse

Review the screenshots.

Palo Alto Networks PCNSE image Question 438 134842 01132025192226000000

What is the most likely reason for this decryption error log?

Become a Premium Member for full access
  Unlock Premium Member

Question 439

Report
Export
Collapse

A network engineer troubleshoots a VPN Phase 2 mismatch and decides that PFS (Perfect Forward Secrecy) needs to be enabled. What action should the engineer take?

Become a Premium Member for full access
  Unlock Premium Member

Question 440

Report
Export
Collapse

A security engineer is informed that the vulnerability protection profile of their on-premises Palo Alto Networks firewall is triggering on a common Threat ID, and which has been determined to be a false positive. The engineer is asked to resolve the issue as soon as possible because it is causing an outage for a critical service The engineer opens the vulnerability protection profile to add the exception, but the Threat ID is missing.

Which action is the most operationally efficient for the security engineer to find and implement the exception?

Become a Premium Member for full access
  Unlock Premium Member
Total 470 questions
Go to page: of 47