PCNSE Exam Questions

Total 271 Questions

Last Updated Exam : 16-Dec-2024

Topic 1 : Main Questions pool

Which Captive Portal mode must be configured to support MFA authentication?


A.

NTLM


B.

Redirect


C.

Single Sign-On


D.

Transparent





B.
  

Redirect



An administrator needs to determine why users onthe trust zone cannot reach certain websites. The only
information available is shown on the following image. Which configuration change should the administrator make?



A.

Option A


B.

Option B


C.

Option C


D.

Option D


E.

OptionE





B.
  

Option B



An administrator wants multiple web servers in the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.22

Based on the information shown in the image, which NAT rule will forward web-browsing traffic correctly?



A.

Option A


B.

Option B


C.

Option C


D.

Option D





D.
  

Option D



An administrator needs to upgrade an NGFW to the most current version of PAN-OS® software. The
following is occurring:
Firewall has Internet connectivity through e1/1.
•Default security rules and security rules allowing all SSL and web-browsing traffic to and from any zone.
•Service route is configured, sourcing update traffic from e1/1.
•A communication error appears in the System logs when updates are performed.
•Download does not complete.
What must be configured to enable the firewall to download the current version of PAN-OS software?


A.

DNS settings for the firewall to use for resolution


B.

scheduler for timed downloads of PAN-OS software


C.

static route pointing application PaloAlto-updates to the update servers


D.

Security policy ruleallowing PaloAlto-updates as the application





D.
  

Security policy ruleallowing PaloAlto-updates as the application



In a virtual router, which object contains all potential routes?


A.

MIB


B.

RIB


C.

SIP


D.

FIB





B.
  

RIB



Reference: https://www.google.com/url?
sa=t&rct=j&q=&esrc=s&source=web&cd=10&ved=0ahUKEwiOkbfYzPzXAhVnEJoKHcwVCg4QFghiMAk&url=https%2Flive.paloaltonetworks.com%2Ftwzvq79624%2Fattachments%2Ftwzvq79624%2Fdocumentation_tkb%2F487%2F1%2520Redistribution%2520and%2520Filtering%2520TechNote%2520-%2520Rev%
2520B.pdf&usg=AOvVaw0H9qgaJK0oI2xjIJBNo1Km

An administrator needs to optimize traffic to prefer business-criticalapplications over non-critical applications. QoS natively integrates with which feature to provide service quality?


A.

Port Inspection


B.

Certificate revocation


C.

Content-ID


D.

App-ID





D.
  

App-ID



Reference:
https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/quality-of-service/qos-for-applications-and-users

Which two options prevent the firewall from capturing traffic passing through it? (Choose two.)


A.

The firewall is in multi-vsys mode.


B.

The traffic is offloaded.


C.

The traffic does not match the packet capture filter.


D.

The firewall’s DP CPU is higher than 50%.





B.
  

The traffic is offloaded.



C.
  

The traffic does not match the packet capture filter.



Reference:
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/monitoring/take-packet-captures/disable-hardwareoffload

Which operation will impact the performanceof the management plane?


A.

WildFire Submissions


B.

DoS Protection


C.

decrypting SSL Sessions


D.

Generating a SaaS Application Report.


E.

Generating a SaaS Application Report.





C.
  

decrypting SSL Sessions



Which CLI command enables an administrator to view details about the firewall including uptime, PAN-OS®version, and serial number?


A.

debug system details


B.

show session info


C.

show system info


D.

show system details





C.
  

show system info



Reference:
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/pan-os-60/PAN-OS-6.0-
CLI-ref.pdf

An administrator has left a firewall to use the default port for all management services. Which three functions are performed by the dataplane?(Choose three.)


A.

WildFire updates


B.

NAT


C.

NTP


D.

antivirus


E.

File blocking





A.
  

WildFire updates



B.
  

NAT



C.
  

NTP




Page 7 out of 28 Pages
Previous