Paloalto Networks PCNSE Dumps 2021

NEW QUESTION 1
Which two logs on the firewall will contain authentication-related information useful for troubleshooting purpose (Choose two)

• A. ms.log
• B. traffic.log
• C. system.log
• D. dp-monitor.log
• E. authd.log

Answer: CE

NEW QUESTION 2
DRAG DROP
When using the predefined default profile, the policy will inspect for viruses on the decoders. Match each decoder with its default action.
Answer options may be used more than once or not at all.

Answer:

Explanation:

NEW QUESTION 3
A customer wants to set up a site-to-site VPN using tunnel interfaces? Which two formats are correct for naming tunnel interfaces? (Choose two.)

• A. Vpn-tunnel.1024
• B. vpn-tunne.1
• C. tunnel 1025
• D. tunne
• E. 1

Answer: CD

NEW QUESTION 4
Which menu item enables a firewall administrator to see details about traffic that is currently active through the NGFW?

• A. App Scope
• B. ACC
• C. Session Browser
• D. System Logs

Answer: C

NEW QUESTION 5
An administrator has configured the Palo Alto Networks NGFW’s management interface to connect
to the internet through a dedicated path that does not traverse back through the NGFW itself.
Which configuration setting or step will allow the firewall to get automatic application signature updates?

• A. A scheduler will need to be configured for application signatures.
• B. A Security policy rule will need to be configured to allow the update requests from the firewall to the update servers.
• C. A Threat Prevention license will need to be installed.
• D. A service route will need to be configured.

Answer: D

Explanation: The firewall uses the service route to connect to the Update Server and checks for new content release versions and, if there are updates available, displays them at the top of the list.
Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/web-interface-help/device/device-dynamic-updates

NEW QUESTION 6
A company has a web server behind a Palo Alto Networks next-generation firewall that it wants to make accessible to the public at 1.1.1.1. The company has decided to configure a destination NAT Policy rule.
Given the following zone information:
• DMZ zone: DMZ-L3
• Public zone: Untrust-L3
• Guest zone: Guest-L3
• Web server zone: Trust-L3
• Public IP address (Untrust-L3): 1.1.1.1
• Private IP address (Trust-L3): 192.168.1.50
What should be configured as the destination zone on the Original Packet tab of NAT Policy rule?

• A. Untrust-L3
• B. DMZ-L3
• C. Guest-L3
• D. Trust-L3

Answer: A

NEW QUESTION 7
Refer to the exhibit.

Which certificates can be used as a Forwarded Trust certificate?

• A. Certificate from Default Trust Certificate Authorities
• B. Domain Sub-CA
• C. Forward_Trust
• D. Domain-Root-Cert

Answer: A

NEW QUESTION 8
A global corporate office has a large-scale network with only one User-ID agent, which creates a bottleneck near the User-ID agent server. Which solution in PAN-OS® software would help in this case?

• A. Application override
• B. Redistribution of user mappings
• C. Virtual Wire mode
• D. Content inspection

Answer: B

NEW QUESTION 9
What can missing SSL packets when performing a packet capture on dataplane interfaces?

• A. The packets are hardware offloaded to the offloaded processor on the dataplane
• B. The missing packets are offloaded to the management plane CPU
• C. The packets are not captured because they are encrypted
• D. There is a hardware problem with offloading FPGA on the management plane

Answer: A

NEW QUESTION 10
Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?

• A. check
• B. find
• C. test
• D. sim

Answer: C

Explanation: Reference: http://www.shanekillen.com/2014/02/palo-alto-useful-cli-commands.html

NEW QUESTION 11
If the firewall is configured for credential phishing prevention using the “Domain Credential Filter” method, which login will be detected as credential theft?

• A. Mapping to the IP address of the logged-in user.
• B. First four letters of the username matching any valid corporate username.
• C. Using the same user’s corporate username and password.
• D. Marching any valid corporate username.Explanation:

Answer: A

Explanation: Reference: https://www.paloaltonetworks.com/documentation/80/pan-os/newfeaturesguide/content-inspection-features/credential-phishing-prevention

NEW QUESTION 12
In the following image from Panorama, why are some values shown in red?

• A. sg2 session count is the lowest compared to the other managed devices.
• B. us3 has a logging rate that deviates from the administrator-configured thresholds.
• C. uk3 has a logging rate that deviates from the seven-day calculated baseline.
• D. sg2 has misconfigured session thresholds.

Answer: C

NEW QUESTION 13
Which log file can be used to identify SSL decryption failures?

• A. Configuration
• B. Threats
• C. ACC
• D. Traffic

Answer: C

NEW QUESTION 14
Which interface configuration will accept specific VLAN IDs?

• A. Tab Mode
• B. Subinterface
• C. Access Interface
• D. Trunk Interface

Answer: B

NEW QUESTION 15
Which CLI command enables an administrator to check the CPU utilization of the dataplane?

• A. show running resource-monitor
• B. debug data-plane dp-cpu
• C. show system resources
• D. debug running resources

Answer: A

NEW QUESTION 16
Which two interface types can be used when configuring GlobalProtect Portal?(Choose two)

• A. Virtual Wire
• B. Loopback
• C. Layer 3
• D. Tunnel

Answer: BC

NEW QUESTION 17
Which tool provides an administrator the ability to see trends in traffic over periods of time, such as threats detected in the last 30 days?

• A. Session Browser
• B. Application Command Center
• C. TCP Dump
• D. Packet Capture

Answer: B

Explanation: Reference: https://live.paloaltonetworks.com/t5/Management-Articles/Tips-amp-Tricks-How-to-Use-the-Application-Command-Center-ACC/ta-p/67342

NEW QUESTION 18
To connect the Palo Alto Networks firewall to AutoFocus, which setting must be enabled?

• A. Device>Setup>Services>AutoFocus
• B. Device> Setup>Management >AutoFocus
• C. AutoFocus is enabled by default on the Palo Alto Networks NGFW
• D. Device>Setup>WildFire>AutoFocus
• E. Device>Setup> Management> Logging and Reporting Settings

Answer: B

Explanation: Reference: https://www.paloaHYPERLINK
"https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence"ltonetworks.com/documentation/71/pan-os/pan-os/getting-started/enable-autofocus-threat-intelligence

NEW QUESTION 19
Refer to exhibit.

An organization has Palo Alto Networks NGFWs that send logs to remote monitoring and security
management platforms. The network team has reported excessive traffic on the corporate WAN.
How could the Palo Alto Networks NGFW administrator reduce WAN traffic while maintaining support for all existing monitoring/ security platforms?

• A. Forward logs from firewalls only to Panorama and have Panorama forward logs to other external services.
• B. Forward logs from external sources to Panorama for correlation, and from Panorama send them to the NGFW.
• C. Configure log compression and optimization features on all remote firewalls.
• D. Any configuration on an M-500 would address the insufficient bandwidth concerns.

Answer: A