Palo Alto Networks PCNSE - Palo Alto Networks Certified Network Security Engineer Exam

Page:    1 / 122   
Total 606 questions

Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?

  • A. check
  • B. find
  • C. test
  • D. sim


Answer : C

Reference:
http://www.shanekillen.com/2014/02/palo-alto-useful-cli-commands.html

Refer to the exhibit.

An organization has Palo Alto Networks NGFWs that send logs to remote monitoring and security management platforms. The network team has reported excessive traffic on the corporate WAN.
How could the Palo Alto Networks NGFW administrator reduce WAN traffic while maintaining support for all the existing monitoring/security platforms?

  • A. Forward logs from firewalls only to Panorama and have Panorama forward logs to other external services.
  • B. Forward logs from external sources to Panorama for correlation, and from Panorama send them to the NGFW.
  • C. Configure log compression and optimization features on all remote firewalls.
  • D. Any configuration on an M-500 would address the insufficient bandwidth concerns.


Answer : A

A customer wants to set up a VLAN interface for a Layer 2 Ethernet port.
Which two mandatory options are used to configure a VLAN interface? (Choose two.)

  • A. Virtual router
  • B. Security zone
  • C. ARP entries
  • D. Netflow Profile


Answer : CD

An administrator has been asked to configure a Palo Alto Networks NGFW to provide protection against worms and trojans.
Which Security Profile type will protect against worms and trojans?

  • A. Anti-Spyware
  • B. Instruction Prevention
  • C. File Blocking
  • D. Antivirus


Answer : D

Reference:
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/policy/security-profiles

A company needs to preconfigure firewalls to be sent to remote sites with the least amount of preconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data centers.
Which VPN configuration would adapt to changes when deployed to the future site?

  • A. Preconfigured GlobalProtect satellite
  • B. Preconfigured GlobalProtect client
  • C. Preconfigured IPsec tunnels
  • D. Preconfigured PPTP Tunnels


Answer : A

Page:    1 / 122   
Total 606 questions