CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSE

Free PCNSE Exam Braindumps (page: 8)

Page 7 of 152
PDF with 606 Questions

A web server is hosted in the DMZ, and the server is configured to listen for incoming connections only on TCP port 8080. A Security policy rule allowing access from the Trust zone to the DMZ zone need to be configured to enable we browsing access to the server.

Which application and service need to be configured to allow only cleartext web-browsing traffic to thins server on tcp/8080?

  1. application: web-browsing; service: application-default
  2. application: web-browsing; service: service-https
  3. application: ssl; service: any
  4. application: web-browsing; service: (custom with destination TCP port 8080)

Answer(s): D



If the firewall has the following link monitoring configuration, what will cause a failover?

  1. ethernet1/3 and ethernet1/6 going down
  2. ethernet1/3 going down
  3. ethernet1/3 or ethernet1/6 going down
  4. ethernet1/6 going down

Answer(s): A



In the image, what caused the commit warning?

  1. The CA certificate for FWDtrust has not been imported into the firewall.
  2. TheFWDtrust certificate has not been flagged as Trusted Root CA.
  3. SSL Forward Proxy requires a public certificate to be imported into the firewall.
  4. TheFWDtrust certificate does not have a certificate chain.

Answer(s): A


Reference:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/decryption/troubleshoot-and-monitor-decryption/decryption-logs/repair-incomplete-certificate-chains



Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS® software?

  1. Okta
  2. DUO
  3. RADIUS
  4. PingID

Answer(s): C






Post your Comments and Discuss Palo Alto Networks PCNSE exam with other Community members:

PCNSE Discussions & Posts