Download Palo Alto Networks.PCNSE.Prep4Sure.2020-02-21.92q.vcex

Download Exam

File Info

Exam Palo Alto Networks Certified Network Security Engineer
Number PCNSE
File Name Palo Alto Networks.PCNSE.Prep4Sure.2020-02-21.92q.vcex
Size 4 MB
Posted Feb 21, 2020
Download Palo Alto Networks.PCNSE.Prep4Sure.2020-02-21.92q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?


  1. check
  2. find
  3. test
  4. sim
Correct answer: C
Explanation:
Reference: http://www.shanekillen.com/2014/02/palo-alto-useful-cli-commands.html
Reference: http://www.shanekillen.com/2014/02/palo-alto-useful-cli-commands.html



Question 2

A customer wants to set up a VLAN interface for a Layer 2 Ethernet port. 
Which two mandatory options are used to configure a VLAN interface? (Choose two.)


  1. Virtual router
  2. Security zone
  3. ARP entries
  4. Netflow Profile
Correct answer: AB



Question 3

An administrator has been asked to configure a Palo Alto Networks NGFW to provide protection against worms and trojans. 
Which Security Profile type will protect against worms and trojans?


  1. Anti-Spyware
  2. Instruction Prevention
  3. File Blocking
  4. Antivirus
Correct answer: D
Explanation:
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/policy/security-profiles
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/policy/security-profiles



Question 4

An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall. 
Which priority is correct for the passive firewall?


  1. 0
  2. 99
  3. 1
  4. 255
Correct answer: D
Explanation:
Reference: https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/device-priority-and-preemption
Reference: https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/device-priority-and-preemption



Question 5

An administrator pushes a new configuration from Panorama to a pair of firewalls that are configured as an active/passive HA pair. 
Which NGFW receives the configuration from Panorama?


  1. The passive firewall, which then synchronizes to the active firewall
  2. The active firewall, which then synchronizes to the passive firewall
  3. Both the active and passive firewalls, which then synchronize with each other
  4. Both the active and passive firewalls independently, with no synchronization afterward
Correct answer: C



Question 6

Refer to the exhibit. 
  
An administrator cannot see any of the Traffic logs from the Palo Alto Networks NGFW on Panorama reports. The configuration problem seems to be on the firewall. Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the firewall to Panorama?


  1.   
  2.   
  3.   
  4.   
Correct answer: D



Question 7

Which method will dynamically register tags on the Palo Alto Networks NGFW?


  1. Restful API or the VMware API on the firewall or on the User-ID agent or the ready-only domain controller (RODC)
  2. Restful API or the VMware API on the firewall or on the User-ID agent
  3. XML API or the VMware API on the firewall or on the User-ID agent or the CLI
  4. XML API or the VM Monitoring agent on the NGFW or on the User-ID agent
Correct answer: D
Explanation:
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/policy/register-ip-addresses-and-tags-dynamically
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/policy/register-ip-addresses-and-tags-dynamically



Question 8

To connect the Palo Alto Networks firewall to AutoFocus, which setting must be enabled?


  1. Device>Setup>Services>AutoFocus
  2. Device> Setup>Management >AutoFocus
  3. AutoFocus is enabled by default on the Palo Alto Networks NGFW
  4. Device>Setup>WildFire>AutoFocus
  5. Device>Setup> Management> Logging and Reporting Settings
Correct answer: B
Explanation:
Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence
Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence



Question 9

An administrator encountered problems with inbound decryption. Which option should the administrator investigate as part of triage?


  1. Security policy rule allowing SSL to the target server
  2. Firewall connectivity to a CRL
  3. Root certificate imported into the firewall with “Trust” enabled
  4. Importation of a certificate from an HSM
Correct answer: A
Explanation:
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/decryption/configure-ssl-inbound-inspection
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/decryption/configure-ssl-inbound-inspection



Question 10

Which two virtualization platforms officially support the deployment of Palo Alto Networks VM-Series firewalls? (Choose two.)


  1. Red Hat Enterprise Virtualization (RHEV)
  2. Kernel Virtualization Module (KVM)
  3. Boot Strap Virtualization Module (BSVM)
  4. Microsoft Hyper-V
Correct answer: BD
Explanation:
Reference: https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series
Reference: https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files