PCNSE exam

To connect the Palo Alto Networks firewall to AutoFocus, which setting must be enabled?A . Device>Setup>Services>AutoFocusB . Device> Setup>Management >AutoFocusC . AutoFocus is enabled by default on the Palo Alto Networks NGFWD . Device>Setup>WildFire>AutoFocusE . Device>Setup> Management> Logging and Reporting SettingsView AnswerAnswer: B Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence

Which feature prevents the submission of corporate login information into website forms?A . Data filteringB . User-IDC . File blockingD . Credential phishing preventionView AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance “Credential phishing prevention works by scanning username and password submissions to websites and comparing those submissions against valid corporate credentials. You...

The firewall determines if a packet is the first packet of a new session or if a packet is part of an existing session using which kind of match?A . 6-tuple match: Source IP Address, Destination IP Address, Source port, Destination Port, Protocol, and Source Security ZoneB . 5-tuple match:...

Which PAN-OS® policy must you configure to force a user to provide additional credentials before he is allowed to access an internal application that contains highly-sensitive business data?A . Security policyB . Decryption policyC . Authentication policyD . Application Override policyView AnswerAnswer: C

How can a candidate or running configuration be copied to a host external from Panorama?A . Commit a running configuration.B . Save a configuration snapshot.C . Save a candidate configuration.D . Export a named configuration snapshot.View AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/panorama/panorama_adminguide/administer-panorama/back-up- panorama-and-firewall-configurations

Which GlobalProtect Client connect method requires the distribution and use of machine certificates?A . User-logon (Always on)B . At-bootC . On-demandD . Pre-logonView AnswerAnswer: D

In the following image from Panorama, why are some values shown in red? A . sg2 session count is the lowest compared to the other managed devices.B . us3 has a logging rate that deviates from the administrator-configured thresholds.C . uk3 has a logging rate that deviates from the seven-day...

Starling with PAN-OS version 9.1, GlobalProtect logging information is now recorded in which firewall log?A . ConfigurationB . GlobalProtectC . AuthenticationD . SystemView AnswerAnswer: C

A client has a sensitive application server in their data center and is particularly concerned about session flooding because of denial of-service attacks. How can the Palo Alto Networks NGFW be configured to specifically protect this server against session floods originating from a single IP address?A . Define a custom...

View the GlobalProtect configuration screen capture. What is the purpose of this configuration?A . It configures the tunnel address of all internal clients to an IP address range starting at 192.168.10.1.B . It forces an internal client to connect to an internal gateway at IP address 192.168.10.1.C . It enables...