PCNSE Online Practice Questions and Answers
Which item enables a firewall administrator to see details about traffic that is currently active through the NGFW?
A. ACC
B. System Logs
C. App Scope
D. Session Browser
A client has a sensitive application server in their data center and is particularly concerned about resource exhaustion because of distributed denial-of-service attacks. How can the Palo Alto Networks NGFW be configured to specifically protect this server against resource exhaustion originating from multiple IP addresses (DDoS attack)?
A. Define a custom App-ID to ensure that only legitimate application traffic reaches the server.
B. Add a Vulnerability Protection Profile to block the attack.
C. Add QoS Profiles to throttle incoming requests.
D. Add a DoS Protection Profile with defined session count.
How does Panorama handle incoming logs when it reaches the maximum storage capacity?
A. Panorama discards incoming logs when storage capacity full.
B. Panorama stops accepting logs until licenses for additional storage space are applied
C. Panorama stops accepting logs until a reboot to clean storage space.
D. Panorama automatically deletes older logs to create space for new ones.
Which three fields can be included in a pcap filter? (Choose three)
A. Egress interface
B. Source IP
C. Rule number
D. Destination IP
E. Ingress interface
An administrator discovers that a file blocked by the WildFire inline ML feature on the firewall is a false-positive action. How can the administrator create an exception for this particular file?
A. Add partial hash and filename in the file section of the WildFire inline ML tab of the Antivirus profile.
B. Set the WildFire inline ML action to allow for that protocol on the Antivirus profile.
C. Add the related Threat ID in the Signature exceptions tab of the Antivirus profile.
D. Disable the WildFire profile on the related Security policy.
Which conditions must be met when provisioning a high availability (HA) cluster? (Choose two.)
A. HA cluster members must be the same firewall model and run the same PAN-OS version.
B. HA cluster members must share the same zone names.
C. Panorama must be used to manage HA cluster members.
D. Dedicated HA communication interfaces for the cluster must be used over HSCI interfaces.
An engineer is reviewing the following high availability (HA) settings to understand a recent HAfailover event.
Which timer determines the frequency between packets sent to verify that the HA functionality on the other HA firewall is operational?
A. Monitor Fail Hold Up Time
B. Promotion Hold Time
C. Heartbeat Interval
D. Hello Interval
An administrator configures two VPN tunnels to provide for failover and uninterrupted VPN service.
What should an administrator configure to enable automatic failover to the backup tunnel?
A. Replay Protection
B. Zone Protection
C. Tunnel Monitor
D. Passive Mode
An administrator has been tasked with configuring decryption policies, Which decryption best practice should they consider?
A. Consider the local, legal, and regulatory implications and how they affect which traffic can be decrypted.
B. Decrypt all traffic that traverses the firewall so that it can be scanned for threats.
C. Place firewalls where administrators can opt to bypass the firewall when needed.
D. Create forward proxy decryption rules without Decryption profiles for unsanctioned applications.
A customer wants to set up a site-to-site VPN using tunnel interfaces. What format is the correct naming convention for tunnel interfaces?
A. tun.1025
B. tunnel.50
C. vpn.1024
D. gre1/2