PCNSE V10

An engineer is monitoring an active/active high availability (HA) firewall pair. Which HA firewall state describes the firewall that is experiencing a failure of a monitored path?A . InitialB . TentativeC . PassiveD . Active-secondaryView AnswerAnswer: B Explanation: In an active/active high availability (HA) firewall pair, when a firewall experiences...

A network security administrator has an environment with multiple forms of authentication. There is a network access control system in place that authenticates and restricts access for wireless users, multiple Windows domain controllers, and an MDM solution for company-provided smartphones. All of these devices have their authentication events logged. Given...

A company has configured a URL Filtering profile with override action on their firewall. Which two profiles are needed to complete the configuration? (Choose two)A . SSL/TLS ServiceB . HTTP ServerC . DecryptionD . Interface ManagementView AnswerAnswer: A, D Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRdCAK https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/configure-url-filtering https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/allow-password-access-to-certain-sites#id7e63ce07-8b30-4506-a1e3-5800303954e8

Refer to the exhibit. Which will be the egress interface if the traffic's ingress interface is ethernet1/7 sourcing from 192.168.111.3 and to the destination 10.46.41.113?A . ethernet1/6B . ethernet1/3C . ethernet1/7D . ethernet1/5View AnswerAnswer: D Explanation: In the second image, VW ports mentioned are 1/5 and 1/7. Hence it can...

An engineer creates a set of rules in a Device Group (Panorama) to permit traffic to various services for a specific LDAP user group. What needs to be configured to ensure Panorama can retrieve user and group information for use in these rules?A . A service route to the LDAP...

An engineer configures a specific service route in an environment with multiple virtual systems instead of using the inherited global service route configuration. What type of service route can be used for this configuration?A . IPv6 Source or Destination AddressB . Destination-Based Service RouteC . IPv4 Source InterfaceD . Inherit...

An administrator is attempting to create policies tor deployment of a device group and template stack. When creating the policies, the zone drop down list does not include the required zone. What must the administrator do to correct this issue?A . Specify the target device as the master device in...

An administrator has purchased WildFire subscriptions for 90 firewalls globally. What should the administrator consider with regards to the WildFire infra-structure?A . To comply with data privacy regulations, WildFire signatures and ver-dicts are not shared globally.B . Palo Alto Networks owns and maintains one global cloud and four WildFire regional...

In a template, which two objects can be configured? (Choose two.)A . SD-WAN path quality profileB . Monitor profileC . IPsec tunnelD . Application groupView AnswerAnswer: BC Explanation: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-web-interface-help/network/network-network-profiles/network-network-profiles-monitor.html

What is the best definition of the Heartbeat Interval?A . The interval in milliseconds between hello packetsB . The frequency at which the HA peers check link or path availabilityC . The frequency at which the HA peers exchange pingD . The interval during which the firewall will remain active...