CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSE

Free PCNSE Exam Braindumps (page: 6)

Page 5 of 152
PDF with 606 Questions

Decrypted packets from the website https://www.microsoft.com will appear as which application and service within the Traffic log?

  1. web-browsing and 443
  2. SSL and 80
  3. SSL and 443
  4. web-browsing and 80

Answer(s): A



Which PAN-OS® policy must you configure to force a user to provide additional credentials before he is allowed to access an internal application that contains highly-sensitive business data?

  1. Security policy
  2. Decryption policy
  3. Authentication policy
  4. Application Override policy

Answer(s): C



A Security policy rule is configured with a Vulnerability Protection Profile and an action of “Deny”. Which action will this cause configuration on the matched traffic?

  1. The configuration is invalid. The Profile Settings section will be grayed out when the Action is set to “Deny”.
  2. The configuration will allow the matched session unless a vulnerability signature is detected. The “Deny” action will supersede the per-severity defined actions defined in the associated Vulnerability Protection Profile.
  3. The configuration is invalid. It will cause the firewall to skip this Security policy rule. A warning will be displayed during a commit.
  4. The configuration is valid. It will cause the firewall to deny the matched sessions. Any configured Security Profiles have no effect if the Security policy rule action is set to “Deny”.

Answer(s): D


Reference:

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/security-policy/security-policy-actions



A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com.

How can the firewall be configured automatically disable the PBF rule if the next hop goes down?

  1. Create and add a Monitor Profile with an action of Wait Recover in the PBF rule in question.
  2. Create and add a Monitor Profile with an action of Fail Over in the PBF rule in question.
  3. Enable and configure a Link Monitoring Profile for the external interface of the firewall.
  4. Configure path monitoring for the next hop gateway on the default route in the virtual router.

Answer(s): B


Reference:

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-web-interface-help/network/network-network-profiles-monitor#






Post your Comments and Discuss Palo Alto Networks PCNSE exam with other Community members:

PCNSE Discussions & Posts