PCNSE6 - Palo Alto Networks Certified Network Security Engineer 6

Go back to Palo-Alto-Networks

Example Questions

What can cause missing SSL packets when performing a packet capture on data plane interfaces? Which source address translation type will allow multiple devices to share a single translated source address while using a single NAT Policy rule? Which three engines are built into the Single-Pass Parallel Processing Architecture? Choose 3 answers Which authentication method can provide role-based administrative access to firewalls running PAN- OS? Which URL Filtering Security Profile action logs the URL Filtering category to the URL Filtering log? A Palo Alto Networks firewall is being targeted by an NTP Amplification attack and is being flooded with tens of thousands of bogus UDP connections per second to a single destination IP address and port. Which option, when enabled with the correct threshold, would mitigate this attack without dropping legitimate traffic to other hosts inside the network? What are the three Security Policy rule Type classifications supported in PAN-OS 6.1? You are configuring a File Blocking Profile to be applied to all outbound traffic uploading a specific file type, and there is a specific application that you want to match in the policy. What are three valid actions that can be set when the specified file is detected? Choose 3 answers How can a Palo Alto Networks firewall be configured to send syslog messages in a format compatible with nonstandard syslog servers? Which two steps are required to make Microsoft Active Directory users appear in the firewall's traffic log? Choose 2 answers Which Public Key Infrastructure component is used to authenticate users for GlobalProtect when the Connect Method is set to "pre-logon"? A user is reporting that they cannot download a PDF file from the internet. Which action will show whether the downloaded file has been blocked by a Security Profile? The IT department has received complaints about VoIP call jitter when the sales staff is making or receiving calls. QoS is enabled on all firewall interfaces, but there is no QoS policy written in the rulebase. The IT manager wants to find out what traffic is causing the jitter in real time when a user reports the jitter. Which feature can be used to identify, in real-time, the applications taking up the most bandwidth? It is discovered that WebandNetTrends Unlimited's new web server software produces traffic that the Palo Alto Networks firewall sees as "unknown-tcp" traffic. Which two configurations would identify the application while preserving the ability of the firewall to perform content and threat detection on the traffic? Choose 2 answers Which method is the most efficient for determining which administrator made a specific change to the running config? After pushing a security policy from Panorama to a PA-3020 firewall, the firewall administrator notices that traffic logs from the PA-3020 are not appearing in Panorama's traffic logs. What could be the problem? What is the maximum usable storage capacity of an M-100 appliance? After migrating from an ASA firewall, the VPN connection between a remote network and the Palo Alto Networks firewall is not establishing correctly. The following entry is appearing in the logs: pfs group mismatched: my:0 peer:2 Which setting should be changed on the Palo Alto Firewall to resolve this error message? Which two statements are true about DoS Protection Profiles and Policies? Choose 2 answers A security engineer has been asked by management to optimize how Palo Alto Networks firewall syslog messages are forwarded to a syslog receiver. There are currently 20 PA-5060 s, each of which is configured to forward syslogs individually. The security engineer would like to leverage their two M-100 appliances to send syslog messages from a single source and has already deployed one in Panorama mode and the other as a Log Collector. What is the remaining step in implementing this solution? A firewall administrator is troubleshooting problems with traffic passing through the Palo Alto Networks firewall. Which method will show the global counters associated with the traffic after configuring the appropriate packet filters? The WildFire Cloud or WF-500 appliance provide information to which two Palo Alto Networks security services? Choose 2 answers Where can the maximum concurrent SSL VPN Tunnels be set for Vsys2 when provisioning a Palo Alto Networks firewall for multiple virtual systems? Which mechanism is used to trigger a High Availability (HA) failover if a firewall interface goes down? A company has a web server behind their Palo Alto Networks firewall that they would like to make accessible to the public. They have decided to configure a destination NAT Policy rule. Given the following zone information: What should be configured as the destination zone on the Original Packet tab of the NAT Policy rule? Which two interface types provide support for network address translation (NAT)? Choose 2 answers A hotel chain is using a system to centrally control a variety of items in guest rooms. The client devices in each guest room communicate to the central controller using TCP and frequently disconnect due to a premature timeouts when going through a Palo Alto Networks firewall. Which action will address this issue without affecting all TCP traffic traversing the firewall? What is a prerequisite for configuring a pair of Palo Alto Networks firewalls in an Active/Passive High Availability (HA) pair? Which Security Policy rule configuration option disables antivirus and anti-spyware scanning of server- to-client flows only? Which three inspections can be performed with a next-generation firewall but NOT with a legacy firewall? Choose 3 answers A company has purchased a WildFire subscription and would like to implement dynamic updates to download the most recent content as often as possible. What is the shortest time interval the company can configure their firewall to check for WildFire updates? Which two interface types can be used when configuring GlobalProtect Portal? Choose 2 answers A security architect has been asked to implement User-ID in a MacOS environment with no enterprise email, using a Sun LDAP server for user authentication. In this environment, which two User-ID methods are effective for mapping users to IP addresses? Choose 2 answers A firewall is being attacked with a port scan. Which component can prevent this attack? A network administrator uses Panorama to push security policies to managed firewalls at branch offices. Which policy type should be configured on Panorama if the administrator wishes to allow local administrators at the branch office sites to override these policies? A website is presenting an RSA 2048-bit key. By default, what will the size of the key in the certificate sent by the firewall to the client be when doing SSL Decryption? How is the Forward Untrust Certificate used? What has happened when the traffic log shows an internal host attempting to open a session to a properly configured sinkhole address?