PCNSE exam

How would an administrator monitor/capture traffic on the management interface of the Palo Alto Networks NGFW?A . Use the debug dataplane packet-diag set capture stage firewall file command. B. Enable all four stages of traffic capture (TX, RX, DROP, Firewall). C. Use the debug dataplane packet-diag set capture stage management...

A network security administrator wants to begin inspecting bulk user HTTPS traffic flows egressing out of the internet edge firewall. Which certificate is the best choice to configure as an SSL Forward Trust certificate?A . A self-signed Certificate Authority certificate generated by the firewall B. A Machine Certificate for the...

Which CLI command displays the physical media that are connected to ethernet1/8?A . > show system state filter-pretty sys.si.p8.stats B. > show system state filter-pretty sys.sl.p8.phy C. > show interface ethernet1/8 D. > show system state filter-pretty sys.sl.p8.medView AnswerAnswer: C

Which log type would provide information about traffic blocked by a Zone Protection profile?A . Data Filtering B. IP-Tag C. Traffic D. ThreatView AnswerAnswer: D Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clm9CAC Zone Protection profile is a set of security policies that you can apply to an interface or zone to protect it from reconnaissance,...

An engineer configures SSL decryption in order to have more visibility to the internal users' traffic when it is regressing the firewall. Which three types of interfaces support SSL Forward Proxy? (Choose three.)A . High availability (HA) B. Layer 2 C. Virtual Wire D. Tap E. Layer 3View AnswerAnswer: B,C,E

When using SSH keys for CLI authentication for firewall administration, which method is used for authorization?A . Local B. LDAP C. Kerberos D. RadiusView AnswerAnswer: A Explanation: When using SSH keys for CLI authentication for firewall administration, the method used for authorization is local. This is described in the Palo...

An administrator can not see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall. Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the NGFW to Panorama? A) B) C) D)...

Which data flow describes redistribution of user mappings?A . User-ID agent to firewall B. firewall to firewall C. Domain Controller to User-ID agent D. User-ID agent to PanoramaView AnswerAnswer: B Explanation: https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/user-id/configure-firewalls-to-redistribute-user-mapping-information https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/user-id/deploy-user-id-in-a-large-scale-network/redistribute-user-mappings-and-authentication-timestamps/firewall-deployment-for-user-id-redistribution.html#ide3661b46-4722-4936-bb9b-181679306809

In a Panorama template which three types of objects are configurable? (Choose three)A . certificate profiles B. HIP objects C. QoS profiles D. security profiles E. interface management profilesView AnswerAnswer: A,C,E Explanation: https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/manage-firewalls/use-case-configure-firewalls-using-panorama/set-up-your-centralized-configuration-and-policies/use-templates-to-administer-a-base-configuration

An administrator has two pairs of firewalls within the same subnet. Both pairs of firewalls have been configured to use High Availability mode with Active/Passive. The ARP tables for upstream routes display the same MAC address being shared for some of these firewalls. What can be configured on one pair...