PCNSE exam

Given the following snippet of a WildFire submission log, did the end user successfully download a file?A . No, because the URL generated an alert.B . Yes, because both the web-browsing application and the flash file have the 'alert" action.C . Yes, because the final action is set to "allow.''D...

An administrator troubleshoots an issue that causes packet drops. Which log type will help the engineer verify whether packet buffer protection was activated?A . Data FilteringB . ConfigurationC . ThreatD . TrafficView AnswerAnswer: C Explanation: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNGFCA4

A company wants to add threat prevention to the network without redesigning the network routing. What are two best practice deployment modes for the firewall? (Choose two.)A . VirtualWireB . Layer3C . TAPD . Layer2View AnswerAnswer: AD Explanation: A and D are the best practice deployment modes for the firewall...

You are auditing the work of a co-worker and need to verify that they have matched the Palo Alto Networks Best Practices for Anti-Spyware Profiles. For which three severity levels should single-packet captures be enabled to meet the Best Practice standard? (Choose three.)A . LowB . HighC . CriticalD ....

A security engineer needs firewall management access on a trusted interface. Which three settings are required on an SSL/TLS Service Profile to provide secure Web UI authentication? (Choose three.)A . Minimum TLS versionB . CertificateC . Encryption AlgorithmD . Maximum TLS versionE . Authentication AlgorithmView AnswerAnswer: ABD Explanation: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certificate-management/configure-an-ssltls-service-profile

A network security administrator wants to begin inspecting bulk user HTTPS traffic flows egressing out of the internet edge firewall. Which certificate is the best choice to configure as an SSL Forward Trust certificate?A . A self-signed Certificate Authority certificate generated by the firewallB . A Machine Certificate for the...

An engineer manages a high availability network and requires fast failover of the routing protocols. The engineer decides to implement BFD. Which three dynamic routing protocols support BFD? (Choose three.)A . OSPFB . RIPC . BGPD . IGRPE . OSPFv3 virtual linkView AnswerAnswer: A, B, C Explanation: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-networking-admin/bfd/bfd-overview/bfd-for-dynamic-routing-protocols

Refer to Exhibit: An administrator can not see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall. Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the NGFW to Panorama? A)...

An administrator would like to determine which action the firewall will take for a specific CVE. Given the screenshot below, where should the administrator navigate to view this information?A . The profile rule actionB . CVE columnC . Exceptions labD . The profile rule threat nameView AnswerAnswer: C Explanation: The...

To ensure that a Security policy has the highest priority, how should an administrator configure a Security policy in the device group hierarchy?A . Add the policy to the target device group and apply a master device to the device group.B . Reference the targeted device's templates in the target...