The firewall identifies a popular application as an unknown-tcp.Which two options are available to identify the application? (Choose two.)
Answer(s): A,C
If an administrator wants to decrypt SMTP traffic and possesses the server’s certificate, which SSL decryption mode will allow the Palo Alto Networks NGFW to inspect traffic to the server?
Answer(s): B
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/decryption/configure-ssl-inbound-inspection
A client has a sensitive application server in their data center and is particularly concerned about resource exhaustion because of distributed denial-of-service attacks.How can the Palo Alto Networks NGFW be configured to specifically protect this server against resource exhaustion originating from multiple IP addresses (DDoS attack)?
Answer(s): D
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/zone-protection-and-dos-protection/zone-defense/dos-protection-profiles-and-policy-rules/dos-protection-profiles
Which two methods can be used to verify firewall connectivity to AutoFocus? (Choose two.)
Answer(s): D,E
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence
Post your Comments and Discuss Palo Alto Networks PCNSE exam with other Community members:
Lee commented on November 27, 2024 So far so good UNITED STATES upvote
Naredn commented on November 22, 2024 Best practices at one place Anonymous upvote
Dan commented on September 08, 2024 So far so good Anonymous upvote
Eric commented on December 13, 2023 Works great Anonymous upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the PCNSE content, but please register or login to continue.