Welcome to KillTest.com
 About PCNSE Questions

TOP Exams

Want to practice some free Palo Alto Networks PCNSE exam questions? You can study the following Palo Alto Networks PCNSE exam online questions. Killtest provides 308 Q&As for Palo Alto Networks PCNSE exam, which has been proven effective in the PCNSE exam preparation. Besides, you can get full payment fee refund if you fail PCNSE exam by using Killtest PCNSE practice exam questions. Ready? Go!

 Get PCNSE with 308 Q&As

Palo Alto Networks PCNSE Online Practice Exam Questions

The questions of PCNSE were last updated on Apr 19,2024 .

Viewing page 1 out of 35 pages.

Viewing questions 1 out of 176 questions

Question#1

Which menu item enables a firewall administrator to see details about traffic that is currently active through the NGFW?

A. App Scope
B. ACC
C. Session Browser
D. System Logs

Question#2

A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 443. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents over HTTP(S). Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.
Which combination of service and application, and order of Security policy rules, needs to be configured to allow cleartext web- browsing traffic to this server on tcp/443.

A. Rule #1: application: web-browsing; service: application-default; action: allow Rule #2: application: ssl; service: application-default; action: allow
B. Rule #1: application: web-browsing; service: service-https; action: allow Rule #2: application: ssl; service: application-default; action: allow
C. Rule # 1: application: ssl; service: application-default; action: allow Rule #2: application: web-browsing; service: application-default; action: allow
D. Rule #1: application: web-browsing; service: service-http; action: allow Rule #2: application: ssl; service: application-default; action: allow

Explanation:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEyCAK

Question#3

During the packet flow process, which two processes are performed in application identification? (Choose two.)

A. Pattern based application identification
B. Application override policy match
C. Application changed from content inspection
D. Session application identified.

Explanation:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVHCA0
http://live.paloaltonetworks.com//t5/image/serverpage/image-id/12862i950F549C7D4E6309

Question#4

A company needs to preconfigure firewalls to be sent to remote sites with the least amount of reconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data centers.
Which VPN configuration would adapt to changes when deployed to the future site?

A. Preconfigured GlobalProtect satellite
B. Preconfigured GlobalProtect client
C. Preconfigured IPsec tunnels
D. Preconfigured PPTP Tunnels

Explanation: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations.html

Question#5

Which three user authentication services can be modified to provide the Palo Alto Networks NGFW with both usernames and role names? (Choose three.)

A. TACACS+
B. Kerberos
C. PAP
D. LDAP
E. SAML
F. RADIUS

Explanation: https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-authentication

Exam Code: PCNSE
Q & A: 308 Q&As
Updated:  Apr 19,2024

 Get PCNSE Full Version

KILLTEST CONTACT INFO

[email protected]

GMT+8: Mon-Sat 8:00-18:00

GMT: Mon-Sat 0:00-10:00

Certifications

How to buy

Stay in touch