PCNSE V6

An engineer is deploying multiple firewalls with common configuration in Panorama. What are two benefits of using nested device groups? (Choose two.)A . Inherit settings from the Shared group B. Inherit IPSec crypto profiles C. Inherit all Security policy rules and objects D. Inherit parent Security policy rules and objectsView...

An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications QoS natively integrates with which feature to provide service quality?A . certificate revocation B. Content-ID C. App-ID D. port inspectionView AnswerAnswer: C Explanation: QoS natively integrates with App-ID, which is a feature that identifies applications based on...

An administrator connected a new fiber cable and transceiver to interface Ethernetl/l on a Palo Alto Networks firewall. However, the link does not seem to be coming up. If an administrator were to troubleshoot, how would they confirm the transceiver type, tx-power, rx-power, vendor name, and part number via the...

A bootstrap USB flash drive has been prepared using a Windows workstation to load the initial configuration of a Palo Alto Networks firewall that was previously being used in a lab. The USB flash drive was formatted using file system FAT32 and the initial configuration is stored in a file...

Which statement best describes the Automated Commit Recovery feature?A . It performs a connectivity check between the firewall and Panorama after every configuration commit on the firewall. It reverts the configuration changes on the firewall if the check fails. B. It restores the running configuration on a firewall and Panorama...

An internal system is not functioning. The firewall administrator has determined that the incorrect egress interface is being used. After looking at the configuration, the administrator believes that the firewall is not using a static route. What are two reasons why the firewall might not use a static route? (Choose...

What can you use with Global Protect to assign user-specific client certificates to each GlobalProtect user?A . SSL/TLS Service profile B. Certificate profile C. SCEP D. OCSP ResponderView AnswerAnswer: C Explanation: If you have a Simple Certificate Enrollment Protocol (SCEP) server in your enterprise PKI, you can configure a SCEP...

A company with already deployed Palo Alto firewalls has purchased their first Panorama server. The security team has already configured all firewalls with the Panorama IP address and added all the firewall serial numbers in Panorama. What are the next steps to migrate configuration from the firewalls to Panorama?A ....

A customer wants to set up a VLAN interface for a Layer 2 Ethernet port. Which two mandatory options are used to configure a VLAN interface? (Choose two.)A . Virtual router B. Security zone C. ARP entries D. Netflow ProfileView AnswerAnswer: A,B Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/network/network-interfaces/pa-7000-series- layer-2-interface#idd2bcaacc-54b9-4ec9-a1dd-8064499f5b9d https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRqCAK VLAN interface is...

A firewall administrator wants to avoid overflowing the company syslog server with traffic logs. What should the administrator do to prevent the forwarding of DNS traffic logs to syslog?A . Disable logging on security rules allowing DNS. B. Go to the Log Forwarding profile used to forward traffic logs to...