PCNSE V10

A firewall engineer reviews the PAN-OS GlobalProtect application and sees that it implicitly uses web-browsing and depends on SSL. When creating a new rule, what is needed to allow the application to resolve dependencies?A . Add SSL and web-browsing applications to the same rule.B . Add web-browsing application to the...

What type of address object would be useful for internal devices where the addressing structure assigns meaning to certain bits in the address, as illustrated in the diagram? A . IP NetmaskB . IP Wildcard MaskC . IP AddressD . IP RangeView AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/policy/use-address-object-to-represent-ip-addresses/address-objects

Which new PAN-OS 11.0 feature supports IPv6 traffic?A . DHCPv6 Client with Prefix DelegationB . OSPFC . DHCP ServerD . IKEv1View AnswerAnswer: A Explanation: https://docs.paloaltonetworks.com/compatibility-matrix/ipv6-support-by-feature/ipv6-support-by-feature-table

Refer to the exhibit. Based on the screenshots above what is the correct order in which the various rules are deployed to firewalls inside the DATACENTER_DG device group? A. shared pre-rules DATACENTER DG pre rules rules configured locally on the firewall shared post-rules DATACENTER_DG post-rules DATACENTER.DG default rules B. shared...

An engineer is deploying multiple firewalls with common configuration in Panorama. What are two benefits of using nested device groups? (Choose two.)A . Inherit settings from the Shared groupB . Inherit IPSec crypto profilesC . Inherit all Security policy rules and objectsD . Inherit parent Security policy rules and objectsView...

Which statement regarding HA timer settings is true?A . Use the Recommended profile for typical failover timer settingsB . Use the Moderate profile for typical failover timer settingsC . Use the Aggressive profile for slower failover timer settings.D . Use the Critical profile for faster failover timer settings.View AnswerAnswer: A...

Refer to the exhibit. Review the images. A firewall policy that permits web traffic includes the global-logs policy is depicted What is the result of traffic that matches the "Alert - Threats" Profile Match List?A . The source address of SMTP traffic that matches a threat is automatically blocked as...

An engineer is configuring a firewall with three interfaces: • MGT connects to a switch with internet access. • Ethernet1/1 connects to an edge router. • Ethernet1/2 connects to a visualization network. The engineer needs to configure dynamic updates to use a dataplane interface for internet traffic. What should be...

When an engineer configures an active/active high availability pair, which two links can they use? (Choose two)A . HSCI-CB . Console BackupC . HA3D . HA2 backupView AnswerAnswer: C, D Explanation: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/set-up-activeactive-ha/prerequisites-for-activeactive-ha These are the two links that can be used to configure an active/active high availability pair. An active/active...

With the default TCP and UDP settings on the firewall, what will be the identified application in the following session? A . IncompleteB . unknown-tcpC . Insufficient-dataD . not-applicableView AnswerAnswer: D Explanation: Traffic didnt match any other policies and so landed at the implicit "deny all" policy. If it's deny...