PCNSE

An administrator is defining protection settings on the Palo Alto Networks NGFW to guard against resource exhaustion. When platform utilization is considered, which steps must the administrator take to configure and apply packet buffer protection?A . Enable and configure the Packet Buffer protection thresholds.Enable Packet Buffer Protection per ingress zone.B...

An administrator just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user’s knowledge. What is the expected verdict from WildFire?A . GraywareB . MalwareC . SpywareD . PhishingView AnswerAnswer: A Explanation: Wildfire verdictions are as follow1-Begnin2-Greyware3-Mallicious4-Phishing https://www.paloaltonetworks.com/documentation/80/wildfire/wf_admin/wildfire-overview/wildfire-concepts/verdicts

Which three steps will reduce the CPU utilization on the management plane? (Choose three.)A . Disable SNMP on the management interface.B . Application override of SSL application.C . Disable logging at session start in Security policies.D . Disable predefined reports.E . Reduce the traffic being decrypted by the firewall.View AnswerAnswer:...

A client is concerned about resource exhaustion because of denial-of-service attacks against their DNS servers. Which option will protect the individual servers?A . Enable packet buffer protection on the Zone Protection Profile.B . Apply an Anti-Spyware Profile with DNS sinkholing.C . Use the DNS App-ID with application-default.D . Apply a...

An administrator accidentally closed the commit window/screen before the commit was finished. Which two options could the administrator use to verify the progress or success of that commit task? (Choose two.) A . Exhibit AB . Exhibit BC . Exhibit CD . Exhibit DView AnswerAnswer: A,D

Which two benefits come from assigning a Decryption Profile to a Decryption policy rule with a “No Decrypt” action? (Choose two.)A . Block sessions with expired certificatesB . Block sessions with client authenticationC . Block sessions with unsupported cipher suitesD . Block sessions with untrusted issuersE . Block credential phishingView...

To protect your firewall and network from single source denial of service (DoS) attacks that can overwhelm its packet buffer and cause legitimate traffic to drop, you can configure.A . BGP (Border Gateway Protocol)B . PBP (Packet Buffer Protection)C . PGP (Packet Gateway Protocol)D . PBP (Protocol Based Protection)View AnswerAnswer:...

An administrator accidentally closed the commit window/screen before the commit was finished. Which two options could the administrator use to verify the progress or success of that commit task? (Choose two.) A . Exhibit AB . Exhibit BC . Exhibit CD . Exhibit DView AnswerAnswer: A,D

Which DoS protection mechanism detects and prevents session exhaustion attacks?A . Packet Based Attack ProtectionB . Flood ProtectionC . Resource ProtectionD . TCP Port Scan ProtectionView AnswerAnswer: C Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/dos-protection-profiles

An administrator just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user’s knowledge. What is the expected verdict from WildFire?A . GraywareB . MalwareC . SpywareD . PhishingView AnswerAnswer: A Explanation: Wildfire verdictions are as follow1-Begnin2-Greyware3-Mallicious4-Phishing https://www.paloaltonetworks.com/documentation/80/wildfire/wf_admin/wildfire-overview/wildfire-concepts/verdicts