PCNSE exam

How can an administrator use the Panorama device-deployment option to update the apps and threat version of an HA pair of managed firewalls?A . Configure the firewall's assigned template to download the content updates. B. Choose the download and install action for both members of the HA pair in the...

An engineer wants to configure aggregate interfaces to increase bandwidth and redundancy between the firewall and switch. Which statement is correct about the configuration of the interfaces assigned to an aggregate interface group?A . They can have a different bandwidth. B. They can have a different interface type such as...

The administrator for a small company has recently enabled decryption on their Palo Alto Networks firewall using a self-signed root certificate. They have also created a Forward Trust and Forward Untrust certificate and set them as such The admin has not yet installed the root certificate onto client systems What...

You have upgraded Panorama to 10.2 and need to upgrade six Log Collectors. When upgrading Log Collectors to 10.2, you must do what?A . Upgrade the Log Collectors one at a time. B. Add Panorama Administrators to each Managed Collector. C. Add a Global Authentication Profile to each Managed Collector....

Which profile generates a packet threat type found in threat logs?A . Zone Protection B. WildFire C. Anti-Spyware D. AntivirusView AnswerAnswer: A Explanation: "Threat/Content Type (subtype) Subtype of threat log." "packet―Packet-based attack protection triggered by a Zone Protection profile." https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields packet―Packet-based attack protection triggered by a Zone Protection profile.

When configuring forward error correction (FEC) for PAN-OS SD-WAN, an administrator would turn on the feature inside which type of SD-WAN profile?A . Certificate profile B. Path Quality profile C. SD-WAN Interface profile D. Traffic Distribution profileView AnswerAnswer: C

Which three items are import considerations during SD-WAN configuration planning? (Choose three.)A . link requirements B. the name of the ISP C. IP Addresses D. branch and hub locationsView AnswerAnswer: A,C,D Explanation: https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin/sd-wan-overview/plan-sd-wan-configuration

The following objects and policies are defined in a device group hierarchy A. Address Objects -Shared Address1 -Shared Address2 -Branch Address1 Policies -Shared Policy1 -Branch Policy1 B. Address Objects -Shared Address1 -Shared Address2 -Branch Address1 -DC Address1 Policies -Shared Policy1 -Shared Policy2 -Branch Policy1 C. Address Objects -Shared Address 1...

An engineer reviews high availability (HA) settings to understand a recent HA failover event. Review the screenshot below. Which timer determines the frequency at which the HA peers exchange messages in the form of an ICMP (ping)A . Hello Interval B. Promotion Hold Time C. Heartbeat Interval D. Monitor Fail...

A network security administrator has an environment with multiple forms of authentication. There is a network access control system in place that authenticates and restricts access for wireless users, multiple Windows domain controllers, and an MDM solution for company-provided smartphones. All of these devices have their authentication events logged. Given...