Palo Alto Networks PCNSC - Palo Alto Networks Certified Network Security Consultant Exam

Page:    1 / 12   
Total 59 questions

What is the preferred method for gathering User-ID mappings from Citrix VDI servers?

  • A. Agentless Server Monitoring
  • B. GlobalProtect with an internal gateway
  • C. The Windows User-ID agent
  • D. The Terminal Services agent


Answer : D

A customer has a pair of Panorama HA appliances running local log collectors and wants to have log redundancy on logs forwarded from firewalls.
Which two configuration options fulfill the customer’s requirement for log redundancy? (Choose two.)

  • A. Panorama configured in HA provides log redundancy.
  • B. A Collector Group must contain at least two Log Collectors.
  • C. Log redundancy must be enabled per Collector Group.
  • D. Panorama operational mode needs to be Dedicated Log Collector.


Answer : BC

A customer has firewalls deployed at multiple data centers globally, and which are managed by a single Panorama pair. Each data center has multiple PA-7080 firewalls running PAN-OS 9.0.
What are two recommended logging infrastructures across the data centers if the customer needs to log? (Choose two.)

  • A. Distributed log collector
  • B. Single log collector in the main data center
  • C. Cortex Data Lake
  • D. Mixed mode Panorama


Answer : AC

In an HA active/active configuration, what is the purpose of APR load sharing?

  • A. share all IP addresses and provide Layer 4 through Layer 7 services when failure is detected
  • B. protect internal networks from an ARP flooding attack
  • C. sync the ARP table between the two firewalls
  • D. share an IP address and provide gateway services


Answer : D

In a HA active/active configuration, which task does the session setup firewall perform?

  • A. threat scanning
  • B. NAT
  • C. Traffic log generation
  • D. decryption


Answer : B

Page:    1 / 12   
Total 59 questions