PCNSE exam

A network security administrator has an environment with multiple forms of authentication. There is a network access control system in place that authenticates and restricts access for wireless users, multiple Windows domain controllers, and an MDM solution for company-provided smartphones. All of these devices have their authentication events logged. Given...

An administrator wants multiple web servers In the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.22. Based on the image, which NAT rule will forward web-browsing traffic correctly? A) B) C) D) A . Option...

An administrator needs to assign a specific DNS server to one firewall within a device group. Where would the administrator go to edit a template variable at the device level?A . Variable CSV export under Panorama > templates B. PDF Export under Panorama > templates C. Manage variables under Panorama...

A company requires that a specific set of ciphers be used when remotely managing their Palo Alto Networks appliances. Which profile should be configured in order to achieve this?A . SSH Service profile B. SSL/TLS Service profile C. Decryption profile D. Certificate profileView AnswerAnswer: A Explanation: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/certificate-management/configure-an-ssh-service-profile

DRAG DROP An engineer is troubleshooting traffic routing through the virtual router. The firewall uses multiple routing protocols, and the engineer is trying to determine routing priority Match the default Administrative Distances for each routing protocol. View AnswerAnswer: Explanation: ✑ Static ―Range is 10-240; default is 10. ✑ OSPF Internal...

An administrator is troubleshooting why video traffic is not being properly classified. If this traffic does not match any QoS classes, what default class is assigned?A . 1 B. 2 C. 3 D. 4View AnswerAnswer: D Explanation: The default class that is assigned to traffic that does not match any...

You need to allow users to access the office-suite applications of their choice. How should you configure the firewall to allow access to any office-suite application?A . Create an Application Group and add Office 365, Evernote Google Docs and Libre Office B. Create an Application Group and add business-systems to...

An administrator is using Panorama to manage multiple firewalls. After upgrading all devices to the latest PAN-OS software, the administrator enables log forwarding from the firewalls to Panorama. However, pre-existing logs from the firewalls are not appearing in Panorama. Which action should be taken to enable the firewalls to send...

A network security administrator wants to begin inspecting bulk user HTTPS traffic flows egressing out of the internet edge firewall. Which certificate is the best choice to configure as an SSL Forward Trust certificate?A . A self-signed Certificate Authority certificate generated by the firewall B. A Machine Certificate for the...

What happens when an A/P firewall cluster synchronizes IPsec tunnel security associations (SAs)?A . Phase 1 and Phase 2 SAs are synchronized over HA3 links. B. Phase 1 SAs are synchronized over HA1 links. C. Phase 2 SAs are synchronized over HA2 links. D. Phase 1 and Phase 2 SAs...