PCNSE

Which tool provides an administrator the ability to see trends in traffic over periods of time, such as threats detected in the last 30 days?A . Session BrowserB . Application Command CenterC . TCP DumpD . Packet CaptureView AnswerAnswer: B Explanation: Reference: https://live.paloaltonetworks.com/t5/Management-Articles/Tips-amp-Tricks-How-to-Use-the-Application-Command-Center- ACC/ta-p/67342

Which two virtualization platforms officially support the deployment of Palo Alto Networks VM-Series firewalls? (Choose two.)A . Red Hat Enterprise Virtualization (RHEV)B . Kernel Virtualization Module (KVM)C . Boot Strap Virtualization Module (BSVM)D . Microsoft Hyper-VView AnswerAnswer: B,D Explanation: Reference: https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series docs.paloaltonetworks.com/vm-series/8-0/vm-series-deployment/about-the-vm-series-firewall/vm-series-deployments

What does SSL decryption require to establish a firewall as a trusted third party and to establish trust between a client and server to secure an SSL/TLS connection?A . link stateB . stateful firewall connectionC . certificatesD . profilesView AnswerAnswer: C Explanation: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/decryption/decryption-overview.html#:~:text=SSL%20decryption%20(both%20forward%20proxy,secure%20an%2 0SSL%2FTLS%20connection.

Given the following configuration, which route is used for destination 10.10.0.4? A . Route 4B . Route 3C . Route 1D . Route 3View AnswerAnswer: A

The SSL Forward Proxy decryption policy is configured. The following four certificate authority (CA) certificates are installed on the firewall. An end-user visits the untrusted website https //www firewall-do-not-trust-website com Which certificate authority (CA) certificate will be used to sign the untrusted webserver certificate?A . Forward-Untrust-CertificateB . Forward-Trust-CertificateC . Firewall-CAD...

Which feature must you configure to prevent users form accidentally submitting their corporate credentials to a phishing website?A . URL Filtering profileB . Zone Protection profileC . Anti-Spyware profileD . Vulnerability Protection profileView AnswerAnswer: A Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/threat-prevention/prevent-credential-phishing

To protect your firewall and network from single source denial of service (DoS) attacks that can overwhelm its packet buffer and cause legitimate traffic to drop, you can configure.A . BGP (Border Gateway Protocol)B . PBP (Packet Buffer Protection)C . PGP (Packet Gateway Protocol)D . PBP (Protocol Based Protection)View AnswerAnswer:...

During the packet flow process, which two processes are performed in application identification? (Choose two.)A . Pattern based application identificationB . Application override policy matchC . Application changed from content inspectionD . Session application identified.View AnswerAnswer: A,B Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVHCA0 http://live.paloaltonetworks.com//t5/image/serverpage/image-id/12862i950F549C7D4E6309

Which User-ID method should be configured to map IP addresses to usernames for users connected through a terminal server?A . port mappingB . server monitoringC . client probingD . XFF headersView AnswerAnswer: A Explanation: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/user-id/map-ip-addresses-to-users/configure-user-mapping-for-terminal-server-users

An administrator has a PA-820 firewall with an active Threat Prevention subscription. The administrator is considering adding a WildFire subscription How does adding the WildFire subscription improve the security posture of the organization1?A . Protection against unknown malware can be provided in near real-timeB . WildFire and Threat Prevention combine...