CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSE

Free PCNSE Exam Braindumps (page: 62)

Page 61 of 152
PDF with 619 Questions

How can packet buffer protection be configured?

  1. at zone level to protect firewall resources and ingress zones, but not at the device level
  2. at the interface level to protect firewall resources
  3. at the device level (globally) to protect firewall resources and ingress zones, but not at the zone level
  4. at the device level (globally) and, if enabled globally, at the zone level

Answer(s): D


Reference:

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-buffer-protection



An existing NGFW customer requires direct internet access offload locally at each site, and IPSec connectivity to all branches over public internet. One requirement is that no new SD-WAN hardware be introduced to the environment.

What is the best solution for the customer?

  1. Configure a remote network on PAN-OS
  2. Upgrade to a PAN-OS SD-WAN subscription
  3. Configure policy-based forwarding
  4. Deploy Prisma SD-WAN with Prisma Access

Answer(s): B


Reference:

https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin/sd-wan-overview/about-sd-wan.html



A firewall administrator requires an A/P HA pair to fail over more quickly due to critical business application uptime requirements.

What is the correct setting?

  1. Change the HA timer profile to "user-defined" and manually set the timers.
  2. Change the HA timer profile to "fast".
  3. Change the HA timer profile to "aggressive" or customize the settings in advanced profile.
  4. Change the HA timer profile to "quick" and customize in advanced profile.

Answer(s): C


Reference:

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/high-availability/set-up-activepassive-ha/configure-activepassive-ha.html



What is the function of a service route?

  1. The service packets exit the firewall on the port assigned for the external service. The server sends its response to the configured source interface and source IP address.
  2. The service packets enter the firewall on the port assigned from the external service. The server sends its response to the configured destination interface and destination IP address.
  3. The service route is the method required to use the firewall's management plane to provide services to applications.
  4. Service routes provide access to external services, such as DNS servers, external authentication servers or Palo Alto Networks services like the Customer Support Portal.

Answer(s): A


Reference:

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/service-routes.html






Post your Comments and Discuss Palo Alto Networks PCNSE exam with other Community members:

PCNSE Exam Discussions & Posts