Home

Home / Palo Alto Networks / PCNSC

Question list

List of questions

Question 1

(0)

TAC has requested a PCAP on your Panorama lo see why the DNS app is having intermittent issues resolving FODN What is the appropriate CLI command1*

Question 2

(0)

Examine the configured Security policy rule Which day one/Iron Skillet Security Profile Group is used to secure the traffic that is permitted through this rule?

Question 3

(0)

Which of the following is a primary use case for the Decryption Broker feature?

Question 4

(0)

How can you ensure that a Palo Alto Networks firewall does not block traffic during a software update?

Question 5

(0)

Which CLI command is used to verify the high availability state of a Palo Alto Networks firewall?

Question 6

(0)

In Panorama, what is the correct order of precedence for security policies?

Question 7

(0)

A firewall that was previously connected lo a User-ID agent server now shows disconnected What is the likely cause?

Question 8

(0)

A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool

Question 9

(0)

In an environment using User-ID, what role does the User-ID agent play?

Question 10

(0)

Which two types of security profiles are recommended to protect against known and unknown threats? (Choose two)

Open VPLUS File

Convert VPLUS to PDF

Related questions

A customer's Palo Alto Networks NGFW currently has only one security policy allowing all traffic They have identified that this is a substantial security risk and have heard that the Expedition tool can help them extract security policies from an 'allow any' rule What should the consultant say about Expedition?

An existing customer who has deployed several Palo Alto Networks Next-Generation Firewalls would like to start using Device-ID to obtain policy rule recommendations They have also purchased a Support license, a Threat license a URL Filtering license, and a WildFire license for each firewall What additional license do they need to purchase'?

Instead of disabling App-IDs regularly, a security policy rule is going to be configured to temporarily allow new App-IDs. In which two circumstances is it valid to disable App-IDs as part of content update-? (Choose two)

How can you verify that a new security policy is correctly blocking traffic without disrupting the network?

What is the maximum number of virtual systems supported by a Palo Alto Networks VM-300 firewall?

You are hosting a public-facing web server on your DMZ and access to that server is through a Palo Alto Networks firewall Both internal clients and internet clients access this web server using the FQDN public webserver acme com which resolves to the public address of 99.99 99.2 Which combination of NAT policies is necessary to enable access to the web server for both internal and internet clients? A) B) C) D)

Which two log types are necessary to fully investigate a network intrusion? (Choose two)

Which GlobalProtect feature ensures that only trusted endpoints can connect to the network?

Which CLI command should you use to verify whether all SFP SFP*, or QSFP modules are installed in a firewall?

A customer has a five-year-old firewall in production in the time since the firewall was installed, the IT team deleted unused security policies on a regular basis but they did not remove the address objects and groups that were part of these security policies. What is the best way to delete all of the unused address objects on the firewall?

Question 30 - PCNSC discussion

Report

Which category of Vulnerability Signatures is most likely to trigger false positive alerts?

A.

code-execution

B.

phishing

C.

info-leak

D.

brute-force

Show Answer

asked 23/09/2024

DAVID PUNTIN

26 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first