PCNSE exam

An administrator is attempting to create policies tor deployment of a device group and template stack. When creating the policies, the zone drop down list does not include the required zone. What must the administrator do to correct this issue?A . Specify the target device as the master device in...

Which statement best describes the Automated Commit Recovery feature?A . It performs a connectivity check between the firewall and Panorama after every configuration commit on the firewall. It reverts the configuration changes on the firewall if the check fails. B. It restores the running configuration on a firewall and Panorama...

An engineer is tasked with configuring SSL forward proxy for traffic going to external sites. Which of the following statements is consistent with SSL decryption best practices? A. The forward trust certificate should not be stored on an HSM. B. The forward untrust certificate should be signed by a certificate...

An engineer is tasked with configuring SSL forward proxy for traffic going to external sites. Which of the following statements is consistent with SSL decryption best practices? A. The forward trust certificate should not be stored on an HSM. B. The forward untrust certificate should be signed by a certificate...

The firewall identifies a popular application as an unKnown-tcp. Which two options are available to identify the application? (Choose two.)A . Create a custom application. B. Submit an App-ID request to Palo Alto Networks. C. Create a custom object for the application server. D. Create a Security policy to identify...

In a Panorama template which three types of objects are configurable? (Choose three)A . certificate profiles B. HIP objects C. QoS profiles D. security profiles E. interface management profilesView AnswerAnswer: A,C,E Explanation: https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/manage-firewalls/use-case-configure-firewalls-using-panorama/set-up-your-centralized-configuration-and-policies/use-templates-to-administer-a-base-configuration

A network security administrator wants to begin inspecting bulk user HTTPS traffic flows egressing out of the internet edge firewall. Which certificate is the best choice to configure as an SSL Forward Trust certificate?A . A self-signed Certificate Authority certificate generated by the firewall B. A Machine Certificate for the...

Where is information about packet buffer protection logged?A . Alert entries are in the Alarms log. Entries for dropped traffic, discarded sessions, and blocked IP address are in the Threat log B. All entries are in the System log C. Alert entries are in the System log. Entries for dropped...

An administrator has two pairs of firewalls within the same subnet. Both pairs of firewalls have been configured to use High Availability mode with Active/Passive. The ARP tables for upstream routes display the same MAC address being shared for some of these firewalls. What can be configured on one pair...

An administrator needs to assign a specific DNS server to one firewall within a device group. Where would the administrator go to edit a template variable at the device level?A . Variable CSV export under Panorama > templates B. PDF Export under Panorama > templates C. Manage variables under Panorama...