Professional Documents
Culture Documents
Pcnse PDF
Pcnse PDF
Enrolling now you will get access to 445 questions in a unique set of
PCNSE dumps
DRAG DROP
An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple
routing protocols, and the engineer is trying to determine routing priority Match the default
Administrative Distances for each routing protocol.
[PIC-3-2391921712]
Explanation:
Question 1
DRAG DROP
An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple
routing protocols, and the engineer is trying to determine routing priority Match the default
Administrative Distances for each routing protocol.
https://www.certification-questions.com
Palo Alto Networks PCNSE
Explanation:
Options:
A.
Answer: A
An engineer needs to permit XML API access to a firewall for automation on a network segment that
is routed through a Layer 3 subinterface on a Palo Alto Networks firewall. However this network
segment cannot access the dedicated management interface due to the Security policy
Without changing the existing access to the management interface how can the engineer fulfill this
request?
Question 2
An engineer needs to permit XML API access to a firewall for automation on a network segment that
is routed through a Layer 3 subinterface on a Palo Alto Networks firewall. However this network
https://www.certification-questions.com
Palo Alto Networks PCNSE
segment cannot access the dedicated management interface due to the Security policy
Without changing the existing access to the management interface how can the engineer fulfill this
request?
Options:
C. Specify the subinterface as a management interface in Setup > Device > Interfaces
Answer: A
Explanation:
Explanation:
A Panorama administrator configures a new zone and uses the zone in a new Security policy.
After the administrator commits the configuration to Panorama, which device-group commit push
operation should the administrator use to ensure that the push is successful?
Question 3
A Panorama administrator configures a new zone and uses the zone in a new Security policy.
After the administrator commits the configuration to Panorama, which device-group commit push
operation should the administrator use to ensure that the push is successful?
Options:
Answer: D
Explanation:
Explanation:
An administrator cannot see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports.
The configuration problem seems to be on the firewall. Which settings if configured incorrectly most
likely would stop only Traffic logs from being sent from the NGFW to Panorama?
A)
https://www.certification-questions.com
Palo Alto Networks PCNSE
[PIC-4-1987379897]
B)
[PIC-5-3446159453]
C)
[PIC-6-1847646508]
D)
[PIC-7-1249216047]
Question 4
An administrator cannot see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports.
The configuration problem seems to be on the firewall. Which settings if configured incorrectly most
likely would stop only Traffic logs from being sent from the NGFW to Panorama?
A)
https://www.certification-questions.com
Palo Alto Networks PCNSE
B)
C)
https://www.certification-questions.com
Palo Alto Networks PCNSE
D)
Options:
A. Option A
B. Option B
C. Option C
D. Option D
https://www.certification-questions.com
Palo Alto Networks PCNSE
Answer: B
Explanation:
Explanation:
A network administrator configured a site-to-site VPN tunnel where the peer device will act as
initiator None of the peer addresses are known What can the administrator configure to establish the
VPN connection1?
Question 5
A network administrator configured a site-to-site VPN tunnel where the peer device will act as
initiator None of the peer addresses are known What can the administrator configure to establish the
VPN connection1?
Options:
Answer: C
Explanation:
Explanation:
Question 6
A network security engineer wants to prevent resource-consumption issues on the firewall.
Which strategy is consistent with decryption best practices to ensure consistent performance?
Options:
A. Use RSA in a Decryption profile tor higher-priority and higher-risk traffic, and use less
processor-
B. Use PFS in a Decryption profile for higher-priority and higher-risk traffic, and use less
processor-
https://www.certification-questions.com
Palo Alto Networks PCNSE
C. Use Decryption profiles to downgrade processor-intensive ciphers to ciphers that are less
processor-intensive
Answer: B
Explanation:
Explanation:
What can you use with Global Protect to assign user-specific client certificates to each GlobalProtect
user?
Question 7
What can you use with Global Protect to assign user-specific client certificates to each GlobalProtect
user?
Options:
B. Certificate profile
C. SCEP
D. OCSP Responder
Answer: C
Explanation:
Explanation:
[PIC-8-3316708584]
In the screenshot above which two pieces ot information can be determined from the ACC
configuration shown? (Choose two )
Question 8
https://www.certification-questions.com
Palo Alto Networks PCNSE
In the screenshot above which two pieces ot information can be determined from the ACC
configuration shown? (Choose two )
Options:
A. The Network Activity tab will display all applications, including FTP.
B. Threats with a severity of "high" are always listed at the top of the Threat Name list
C. Insecure-credentials, brute-force and protocol-anomaly are all a part of the vulnerability Threat
Type
D. The ACC has been filtered to only show the FTP application
Answer: A, C
Explanation:
Explanation:
An administrator needs to assign a specific DNS server to one firewall within a device group. Where
https://www.certification-questions.com
Palo Alto Networks PCNSE
Question 9
An administrator needs to assign a specific DNS server to one firewall within a device group. Where
would the administrator go to edit a template variable at the device level?
Options:
Answer: B
Explanation:
Explanation:
When configuring forward error correction (FEC) for PAN-OS SD-WAN, an administrator would turn
on the feature inside which type of SD-WAN profile?
Question 10
When configuring forward error correction (FEC) for PAN-OS SD-WAN, an administrator would turn
on the feature inside which type of SD-WAN profile?
Options:
A. Certificate profile
Answer: C
Explanation:
Explanation:
Would you like to see more? Don't miss our PCNSE PDF
file at:
https://www.certification-questions.com
Palo Alto Networks PCNSE
https://www.certification-questions.com/palo-alto-networks-pdf/pcnse-pdf.html
https://www.certification-questions.com