PCNSE exam

An administrator just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user’s knowledge. What is the expected verdict from WildFire?A . GraywareB . MalwareC . SpywareD . PhishingView AnswerAnswer: A Explanation: Wildfire verdictions are as follow1-Begnin2-Greyware3-Mallicious4-Phishing https://www.paloaltonetworks.com/documentation/80/wildfire/wf_admin/wildfire-overview/wildfire-concepts/verdicts

Which option is part of the content inspection process?A . Packet forwarding processB . SSL Proxy re-encryptC . IPsec tunnel encryptionD . Packet egress processView AnswerAnswer: B Explanation: http://live.paloaltonetworks.com//t5/image/serverpage/image-id/12862i950F549C7D4E6309

Use the image below If the firewall has the displayed link monitoring configuration what will cause a failover? A . ethernet1/3 and ethernet1/6 going downB . etheme!1/3 going downC . ethernet1/6 going downD . ethernet1/3 or ethernet1/6 going downView AnswerAnswer: A

Which three statements accurately describe Decryption Mirror? (Choose three.)A . Decryption Mirror requires a tap interface on the firewallB . Decryption, storage, inspection and use of SSL traffic are regulated in certain countriesC . Only management consent is required to use the Decryption Mirror featureD . You should consult with...

Which tool provides an administrator the ability to see trends in traffic over periods of time, such as threats detected in the last 30 days?A . Session BrowserB . Application Command CenterC . TCP DumpD . Packet CaptureView AnswerAnswer: B Explanation: Reference: https://live.paloaltonetworks.com/t5/Management-Articles/Tips-amp-Tricks-How-to-Use-the-Application-Command-Center- ACC/ta-p/67342

Which two virtualization platforms officially support the deployment of Palo Alto Networks VM-Series firewalls? (Choose two.)A . Red Hat Enterprise Virtualization (RHEV)B . Kernel Virtualization Module (KVM)C . Boot Strap Virtualization Module (BSVM)D . Microsoft Hyper-VView AnswerAnswer: B,D Explanation: Reference: https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series docs.paloaltonetworks.com/vm-series/8-0/vm-series-deployment/about-the-vm-series-firewall/vm-series-deployments

What does SSL decryption require to establish a firewall as a trusted third party and to establish trust between a client and server to secure an SSL/TLS connection?A . link stateB . stateful firewall connectionC . certificatesD . profilesView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/decryption/decryption-overview.html#:~:text=SSL%20decryption%20(both%20forward%20proxy,secure%20an%2 0SSL%2FTLS%20connection.

Given the following configuration, which route is used for destination 10.10.0.4? A . Route 4B . Route 3C . Route 1D . Route 3View AnswerAnswer: A

The SSL Forward Proxy decryption policy is configured. The following four certificate authority (CA) certificates are installed on the firewall. An end-user visits the untrusted website https //www firewall-do-not-trust-website com Which certificate authority (CA) certificate will be used to sign the untrusted webserver certificate?A . Forward-Untrust-CertificateB . Forward-Trust-CertificateC . Firewall-CAD...

Which feature must you configure to prevent users form accidentally submitting their corporate credentials to a phishing website?A . URL Filtering profileB . Zone Protection profileC . Anti-Spyware profileD . Vulnerability Protection profileView AnswerAnswer: A Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/threat-prevention/prevent-credential-phishing