Download Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex

Download Exam

File Info

Exam Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0
Number PCNSE9
File Name Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex
Size 949 Kb
Posted May 29, 2020
Downloads 41
Download Palo Alto Networks Certified Security Engineer (PCNSE) PAN-OS 9-0.CertDumps.PCNSE9.2020-05-29.1e.20q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Which two actions would be part of an automatic solution that would block sites with untrusted certificates without enabling SSL Forward Proxy? (Choose two.)

  • A: Create a no-decrypt Decryption Policy rule.
  • B: Configure an EDL to pull IP addresses of known sites resolved from a CRL.
  • C: Create a Dynamic Address Group for untrusted sites
  • D: Create a Security Policy rule with vulnerability Security Profile attached.
  • E: Enable the "Block sessions with untrusted issuers" setting.

Correct Answer: AD




Question 2

Which two features does PAN-OS® software use to identify applications? (Choose two)

  • A: port number
  • B: session number
  • C: transaction characteristics
  • D: application layer payload

Correct Answer: CD

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/app-id/application-levelgateways#




Question 3

The certificate information displayed in the following image is for which type of certificate?
Exhibit:




  • A: Forward Trust certificate
  • B: Self-Signed Root CA certificate
  • C: Web Server certificate
  • D: Public CA signed certificate

Correct Answer: B




Question 4

A global corporate office has a large-scale network with only one User-ID agent, which creates a bottleneck near the User-ID agent server. Which solution in PAN-OS® software would help in this case?

  • A: Application override
  • B: Redistribution of user mappings
  • C: Virtual Wire mode
  • D: Content inspection

Correct Answer: B




Question 5

When configuring a GlobalProtect Portal, what is the purpose of specifying an
Authentication Profile?

  • A: To enable Gateway authentication to the Portal
  • B: To enable Portal authentication to the Gateway
  • C: To enable user authentication to the Portal
  • D: To enable client machine authentication to the Portal

Correct Answer: C

The additional options of Browser and Satellite enable you to specify the authentication profile to use for specific scenarios. Select Browser to specify the authentication profile to use to authenticate a user accessing the portal from a web browser with the intent of downloading the GlobalProtect agent (Windows and Mac). Select Satellite to specify the authentication profile to use to authenticate the satellite.
Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/web-interfacehelp/globalprotect/network-globalpr




Question 6

A customer wants to combine multiple Ethernet interfaces into a single virtual interface using link aggregation. Which two formats are correct for naming aggregate interfaces? (Choose two.)

  • A: ae.8
  • B: aggregate.1
  • C: ae.1
  • D: aggregate.8

Correct Answer: AC




Question 7

View the GlobalProtect configuration screen apture.

 

What is the purpose of this configuration?

  • A: It configures the tunnel address of all internal clients to an IP address range starting at 192.168.10.1.
  • B: It forces an internal client to connect to an internal gateway at IP address 192.168.10.1.
  • C: It enables a client to perform a reverse DNS lookup on 192.168.10.1 to detect that it is an internal client.
  • D: It forces the firewall to perform a dynamic DNS update, which adds the internal gateway’s hostname and IP address to the DNS server.

Correct Answer: C




Question 8

Which CLI command can be used to export the tcpdump capture?

Correct Answer: C




Question 9

In High Availability, which information is transferred via the HA data link?

  • A: session information
  • B: heartbeats
  • C: HA state information
  • D: User-ID information

Correct Answer: A




Question 10

Which three user authentication services can be modified to provide the Palo Alto Networks NGFW with both usernames and role names? (Choose three.)

  • A: TACACS+
  • B: Kerberos
  • C: PAP
  • D: LDAP
  • E: SAML
  • F: RADIUS

Correct Answer: AEF

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/firewalladministration/manage-firewall-administra










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files