Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCNSE

Free Palo Alto Networks PCNSE Exam Braindumps (page: 9)

92.2% Passing Rate DOWNLOAD PDF EXAM
606 Questions & Answers
Page 9 of 152

How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?

  1. Use the debug dataplane packet-diag set capture stage firewall file command.
  2. Enable all four stages of traffic capture (TX, RX, DROP, Firewall).
  3. Use the debug dataplane packet-diag set capture stage management file command.
  4. Use the tcpdump command.

Answer(s): D


Reference:

https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Run-a-Packet-Capture/ta-p/62390



An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications. QoS natively integrates with which feature to provide service quality?

  1. Port Inspection
  2. Certificate revocation
  3. Content-ID
  4. App-ID

Answer(s): D


Reference:

https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/quality-of-service/qos- concepts/qos-for-applications-and-users#idaed4e749-80b4-4641-a37c-c741aba562e9



A session in the Traffic log is reporting the application as “incomplete.” What does “incomplete” mean?

  1. The three-way TCP handshake was observed, but the application could not be identified.
  2. The three-way TCP handshake did not complete.
  3. The traffic is coming across UDP, and the application could not be identified.
  4. Data was received but was instantly discarded because of a Deny policy was applied before App-ID could be applied.

Answer(s): B



Refer to the exhibit.
An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A (10.1.1.100) receives HTTP traffic and Host B (10.1.1.101) receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)

  1. Untrust (Any) to Untrust (10.1.1.1), web-browsing - Allow
  2. Untrust (Any) to Untrust (10.1.1.1), ssh - Allow
  3. Untrust (Any) to DMZ (1.1.1.100), web-browsing - Allow
  4. Untrust (Any) to DMZ (1.1.1.100), ssh - Allow
  5. Untrust (Any) to DMZ (10.1.1.100, 10.1.1.101), ssh, web-browsing - Allow

Answer(s): C,D






Post your Comments and Discuss Palo Alto Networks PCNSE exam prep with other Community members:

PCNSE Exam Discussions & Posts