PCNSE

Before an administrator of a VM-500 can enable DoS and zone protection, what actions need to be taken?A . Measure and monitor the CPU consumption of the firewall data plane to ensure that each firewall is properly sized to support DoS and zone protectionB . Create a zone protection profile...

Your company has to Active Directory domain controllers spread across multiple WAN links All users authenticate to Active Directory Each link has substantial network bandwidth to support all mission-critical applications. The firewalls management plane is highly utilized Given this scenario which type of User-ID agent is considered a best practice...

An internal system is not functioning. The firewall administrator has determined that the incorrect egress interface is being used. After looking at the configuration, the administrator believes that the firewall is not using a static route. What are two reasons why the firewall might not use a static route? (Choose...

Using multiple templates in a stack to manage many firewalls provides which two advantages? (Choose two.)A . inherit address-objects from templatesB . define a common standard template configuration for firewallsC . standardize server profiles and authentication configuration across all stacksD . standardize log-forwarding profiles for security polices across all stacksView...

An administrator is building Security rules within a device group to block traffic to and from malicious locations How should those rules be configured to ensure that they are evaluated with a high priority?A . Create the appropriate rules with a Block action and apply them at the top of...

PBF can address which two scenarios? (Select Two)A . forwarding all traffic by using source port 78249 to a specific egress interfaceB . providing application connectivity the primary circuit failsC . enabling the firewall to bypass Layer 7 inspectionD . routing FTP to a backup ISP link to save bandwidth...

When using certificate authentication for firewall administration, which method is used for authorization?A . RadiusB . LDAPC . KerberosD . LocalView AnswerAnswer: C

A superuser is tasked with creating administrator accounts for three contractors For compliance purposes, all three contractors will be working with different device-groups in their hierarchy to deploy policies and objects. Which type of role-based access is most appropriate for this project?A . Create a Dynamic Admin with the Panorama...

Which statement is correct given the following message from the PanGPA log on the GlobalProtect app? Failed to connect to server at port:47 67A . The PanGPS process failed to connect to the PanGPA process on port 4767B . The GlobalProtect app failed to connect to the GlobalProtect Portal on...

What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram? A . IP NetmaskB . IP Wildcard MaskC . IP AddressD . IP RangeView AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/networking-features/wildcard-address