PCNSE V10

An administrator has two pairs of firewalls within the same subnet. Both pairs of firewalls have been configured to use High Availability mode with Active/Passive. The ARP tables for upstream routes display the same MAC address being shared for some of these firewalls. What can be configured on one pair...

An administrator has been tasked with configuring decryption policies. Which decryption best practice should they consider?A . Consider the local, legal, and regulatory implications and how they affect which traffic can be decrypted.B . Decrypt all traffic that traverses the firewall so that it can be scanned for threats.C ....

An engineer reviews high availability (HA) settings to understand a recent HA failover event. Review the screenshot below. Which timer determines the frequency at which the HA peers exchange messages in the form of an ICMP (ping)A . Hello IntervalB . Promotion Hold TimeC . Heartbeat IntervalD . Monitor Fail...

Which two statements correctly describe Session 380280? (Choose two.) A . The session went through SSL decryption processing.B . The session has ended with the end-reason unknown.C . The application has been identified as web-browsing.D . The session did not go through SSL decryption processing.View AnswerAnswer: A, C

A network administrator wants to deploy SSL Forward Proxy decryption. What two attributes should a forward trust certificate have? (Choose two.)A . A subject alternative nameB . A private keyC . A server certificateD . A certificate authority (CA) certificateView AnswerAnswer: B, D Explanation: The two attributes that a forward...

An administrator receives the following error message: "IKE phase-2 negotiation failed when processing Proxy ID. Received local id 192.168 33 33/24 type IPv4 address protocol 0 port 0, received remote id 172.16 33.33/24 type IPv4 address protocol 0 port 0." How should the administrator identify the root cause of this...

A company has configured GlobalProtect to allow their users to work from home. A decrease in performance for remote workers has been reported during peak-use hours. Which two steps are likely to mitigate the issue? (Choose TWO)A . Exclude video trafficB . Enable decryptionC . Block traffic that is not...

Given the following snippet of a WildFire submission log did the end-user get access to the requested information and why or why not? A . Yes, because the action is set to alertB . No, because this is an example from a defeated phishing attackC . No, because the severity...

Which GlobalProtect gateway selling is required to enable split-tunneling by access route, destination domain, and application?A . No Direct Access to local networksB . Tunnel modeC . iPSec modeD . Satellite modeView AnswerAnswer: B Explanation: https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/globalprotect-gateways/split-tunnel-traffic-on-globalprotect-gateways/configure-a-split-tunnel-based-on-the-domain-and-application

An engineer is configuring a template in Panorama which will contain settings that need to be applied to all firewalls in production. Which three parts of a template an engineer can configure? (Choose three.)A . NTP Server AddressB . Antivirus ProfileC . Authentication ProfileD . Service Route ConfigurationE . Dynamic...