PCNSE exam

To protect your firewall and network from single source denial of service (DoS) attacks that can overwhelm its packet buffer and cause legitimate traffic to drop, you can configure.A . BGP (Border Gateway Protocol)B . PBP (Packet Buffer Protection)C . PGP (Packet Gateway Protocol)D . PBP (Protocol Based Protection)View AnswerAnswer:...

During the packet flow process, which two processes are performed in application identification? (Choose two.)A . Pattern based application identificationB . Application override policy matchC . Application changed from content inspectionD . Session application identified.View AnswerAnswer: A,B Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVHCA0 http://live.paloaltonetworks.com//t5/image/serverpage/image-id/12862i950F549C7D4E6309

Which User-ID method should be configured to map IP addresses to usernames for users connected through a terminal server?A . port mappingB . server monitoringC . client probingD . XFF headersView AnswerAnswer: A Explanation: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/user-id/map-ip-addresses-to-users/configure-user-mapping-for-terminal-server-users

An administrator has a PA-820 firewall with an active Threat Prevention subscription. The administrator is considering adding a WildFire subscription How does adding the WildFire subscription improve the security posture of the organization1?A . Protection against unknown malware can be provided in near real-timeB . WildFire and Threat Prevention combine...

DRAG DROP Match each SD-WAN configuration element to the description of that element. View AnswerAnswer: Explanation: ✑ An SD-WAN Interface Profile specifies the Tag that you apply to the physical interface, and also specifies the type of Link that interface is (ADSL/DSL, cable modem, Ethernet, fiber, LTE/3G/4G/5G, MPLS, microwave/radio, satellite,...

An administrator creates an SSL decryption rule decrypting traffic on all ports. The administrator also creates a Security policy rule allowing only the applications DNS, SSL, and web-browsing. The administrator generates three encrypted BitTorrent connections and checks the Traffic logs. There are three entries. The first entry shows traffic dropped...

A session in the Traffic log is reporting the application as “incomplete.” What does “incomplete” mean?A . The three-way TCP handshake was observed, but the application could not be identified.B . The three-way TCP handshake did not complete.C . The traffic is coming across UDP, and the application could not...

A traffic log might list an application as "not-applicable" for which two reasons'? (Choose two)A . 0 The firewall did not install the sessionB . The TCP connection terminated without identifying any application dataC . The firewall dropped a TCP SYN packetD . There was not enough application data after...

How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?A . Use the debug dataplane packet-diag set capture stage firewall file command.B . Enable all four stages of traffic capture (TX, RX, DROP, Firewall).C . Use the debug dataplane packet-diag set capture stage management...

As a best practice, which URL category should you target first for SSL decryption?A . Online Storage and BackupB . High RiskC . Health and MedicineD . Financial ServicesView AnswerAnswer: A