CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSE

Free PCNSE Exam Braindumps (page: 20)

Page 20 of 152
PDF with 606 Questions

An administrator has a requirement to export decrypted traffic from the Palo Alto Networks NGFW to a third- party, deep-level packet inspection appliance.

Which interface type and license feature are necessary to meet the requirement?

  1. Decryption Mirror interface with the Threat Analysis license
  2. Virtual Wire interface with the Decryption Port Export license
  3. Tap interface with the Decryption Port Mirror license
  4. Decryption Mirror interface with the associated Decryption Port Mirror license

Answer(s): D


Reference:

https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/decryption/decryption-concepts/decryption-mirroring



When is the content inspection performed in the packet flow process?

  1. after the application has been identified
  2. before session lookup
  3. before the packet forwarding process
  4. after the SSL Proxy re-encrypts the packet

Answer(s): A


Reference:

https://live.paloaltonetworks.com/t5/Learning-Articles/Packet-Flow-Sequence-in-PAN-OS/ta-p/56081



An administrator has created an SSL Decryption policy rule that decrypts SSL sessions on any port. Which log entry can the administrator use to verify that sessions are being decrypted?

  1. In the details of the Traffic log entries
  2. Decryption log
  3. Data Filtering log
  4. In the details of the Threat log entries

Answer(s): A


Reference:

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Implement-and-Test-SSL-Decryption/ta-p/59719



An administrator has been asked to configure a Palo Alto Networks NGFW to provide protection against external hosts attempting to exploit a flaw in an operating system on an internal system.

Which Security Profile type will prevent this attack?

  1. Vulnerability Protection
  2. Anti-Spyware
  3. URL Filtering
  4. Antivirus

Answer(s): A


Reference:

https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/objects/objects- security-profiles-vulnerability-protection



Page 20 of 152



Post your Comments and Discuss Palo Alto Networks PCNSE exam with other Community members:

Lee commented on November 27, 2024
So far so good
UNITED STATES
upvote

Naredn commented on November 22, 2024
Best practices at one place
Anonymous
upvote

Dan commented on September 08, 2024
So far so good
Anonymous
upvote

Eric commented on December 13, 2023
Works great
Anonymous
upvote