Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
MuleSoft
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSC

Free PCNSC Exam Braindumps (page: 5)

Page 2 of 19
PDF with 75 Questions

A session in the Traffic log is reporting the application as "incomplete” What does "incomplete" mean?

  1. The three-way TCP handshake did not complete.
  2. Data was received but wan instantly discarded because of a Deny policy was applied before App ID could be applied.
  3. The three-way TCP handshake was observed, but the application could not be identified.
  4. The traffic is coming across UDP, and the application could not be identified.

Answer(s): A



Refer to the exhibit.

A web server in the DMZ is being mapped to a public address through DNAT. Which Security policy rule will allow traffic to flow to the web server?

  1. Untrust (any) to Untrust (10. 1.1. 100), web browsing – Allow
  2. Untrust (any) to Untrust (1. 1. 1. 100), web browsing – Allow
  3. Untrust (any) to DMZ (1. 1. 1. 100), web browsing – Allow
  4. Untrust (any) to DMZ (10. 1. 1. 100), web browsing – Allow

Answer(s): B



Which version of Global Protect supports split tunneling based on destination domain, client process, and HTTP/HTTPs video streaming application?

  1. Glovbalprotect version 4.0 with PAn-OS 8.0
  2. Glovbalprotect version 4.1 with PAn-OS 8.1
  3. Glovbalprotect version 4.0 with PAn-OS 8.1
  4. Glovbalprotect version 4.1 with PAn-OS 8.0

Answer(s): C



A firewall administrator has been asked to configure a Palo Alto Networks NGFW to prevent against compromised hosts trying to phone-number or bacon out to eternal command-and-control (C2) servers.
Which Security Profile type will prevent these behaviors?

  1. Vulnerability Protection
  2. Antivirus
  3. Wildfire
  4. Anti-Spyware

Answer(s): D






Post your Comments and Discuss Palo Alto Networks PCNSC exam prep with other Community members: