PCNSE exam

Which Palo Alto Networks VM-Series firewall is valid?A . VM-25B . VM-800C . VM-50D . VM-400View AnswerAnswer: C Explanation: Reference: https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series

An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications. QoS natively integrates with which feature to provide service quality?A . Port InspectionB . Certificate revocationC . Content-IDD . App-IDView AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/quality-of-service/qos-for-applications-and-users

An administrator needs to implement an NGFW between their DMZ and Core network. EIGRP Routing between the two environments is required. Which interface type would support this business requirement?A . Virtual Wire interfaces to permit EIGRP routing to remain between the Core and DMZB . Layer 3 or Aggregate Ethernet...

An administrator is using Panorama and multiple Palo Alto Networks NGFWs. After upgrading all devices to the latest PAN-OS® software, the administrator enables log forwarding from the firewalls to Panoram A. Pre-existing logs from the firewalls are not appearing in PanoramA. Which action would enable the firewalls to send their...

Which CLI command can be used to export the tcpdump capture?A . scp export tcpdump from mgmt.pcap to <username@host:path>B . scp extract mgmt-pcap from mgmt.pcap to <username@host:path>C . scp export mgmt-pcap from mgmt.pcap to <username@host:path>D . download mgmt.-pcapView AnswerAnswer: C Explanation: Reference: https://live.paloaltonetworks.com/t5/Management-Articles/How-To-Packet-Capture-tcpdump-On-Management-Interface/ta- p/55415

A Security policy rule is configured with a Vulnerability Protection Profile and an action of ‘Deny”. Which action will this cause configuration on the matched traffic?A . The configuration is invalid. The Profile Settings section will be grayed out when the Action is set to “Deny”.B . The configuration will...

A client is concerned about resource exhaustion because of denial-of-service attacks against their DNS servers. Which option will protect the individual servers?A . Enable packet buffer protection on the Zone Protection Profile.B . Apply an Anti-Spyware Profile with DNS sinkholing.C . Use the DNS App-ID with application-default.D . Apply a...

A company needs to preconfigure firewalls to be sent to remote sites with the least amount of reconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data centers. Which VPN configuration would adapt to changes when deployed to the...

VPN traffic intended for an administrator’s Palo Alto Networks NGFW is being maliciously intercepted and retransmitted by the interceptor. When creating a VPN tunnel, which protection profile can be enabled to prevent this malicious behavior?A . Zone ProtectionB . DoS ProtectionC . Web ApplicationD . ReplayView AnswerAnswer: A

Which feature prevents the submission of corporate login information into website forms?A . Data filteringB . User-IDC . File blockingD . Credential phishing preventionView AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance