CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSE

Free PCNSE Exam Braindumps (page: 5)

Page 5 of 152
PDF with 606 Questions

Decrypted packets from the website https://www.microsoft.com will appear as which application and service within the Traffic log?

  1. web-browsing and 443
  2. SSL and 80
  3. SSL and 443
  4. web-browsing and 80

Answer(s): A



Which PAN-OS® policy must you configure to force a user to provide additional credentials before he is allowed to access an internal application that contains highly-sensitive business data?

  1. Security policy
  2. Decryption policy
  3. Authentication policy
  4. Application Override policy

Answer(s): C



A Security policy rule is configured with a Vulnerability Protection Profile and an action of “Deny”. Which action will this cause configuration on the matched traffic?

  1. The configuration is invalid. The Profile Settings section will be grayed out when the Action is set to “Deny”.
  2. The configuration will allow the matched session unless a vulnerability signature is detected. The “Deny” action will supersede the per-severity defined actions defined in the associated Vulnerability Protection Profile.
  3. The configuration is invalid. It will cause the firewall to skip this Security policy rule. A warning will be displayed during a commit.
  4. The configuration is valid. It will cause the firewall to deny the matched sessions. Any configured Security Profiles have no effect if the Security policy rule action is set to “Deny”.

Answer(s): D


Reference:

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/security-policy/security-policy-actions



A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com.

How can the firewall be configured automatically disable the PBF rule if the next hop goes down?

  1. Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  2. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
  3. Enable and configure a Link Monitoring Profile for the external interface of the firewall.
  4. Configure path monitoring for the next hop gateway on the default route in the virtual router.

Answer(s): B


Reference:

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-web-interface-help/network/network-network-profiles-monitor#



Page 5 of 152



Post your Comments and Discuss Palo Alto Networks PCNSE exam with other Community members:

Lee commented on November 27, 2024
So far so good
UNITED STATES
upvote

Naredn commented on November 22, 2024
Best practices at one place
Anonymous
upvote

Dan commented on September 08, 2024
So far so good
Anonymous
upvote

Eric commented on December 13, 2023
Works great
Anonymous
upvote