PCNSE paloaltonetworks.com Practice test mockup questions

PCNSE (Palo Alto) Mock-up Test – 2 (Free) (22quest

Please enter your email:


How does an administrator schedule an Applications and Threats dynamic update while delaying installation of the update for a certain amount of time?


2. What are the differences between using a service versus using an application for Security Policy match?


3. Which Captive Portal mode must be configured to support MFA authentication?


4. If the firewall has the following link monitoring configuration, what will cause a failover?


5. An administrator is using Panorama and multiple Palo Alto Networks NGFWs. After upgrading all devices to the latest PAN-OS® software, the administrator enables log forwarding from the firewalls to Panorama. Pre-existing logs from the firewalls are not appearing in Panorama.

Which action would enable the firewalls to send their pre-existing logs to Panorama?



Which PAN-OS® policy must you configure to force a user to provide additional credentials before he is allowed to access an internal application that contains highly-sensitive business data?


7. An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall.

Which priority is correct for the passive firewall?


8. Which User-ID method maps IP addresses to usernames for users connecting through an 802.1x-enabled wireless network device that has no native integration with PAN-OS® software?


9. An administrator logs in to the Palo Alto Networks NGFW and reports that the WebUI is missing the Policies tab.

Which profile is the cause of the missing Policies tab?


10. A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com.

How can the firewall be configured automatically disable the PBF rule if the next hop goes down?


11. An administrator encountered problems with inbound decryption. Which option should the administrator investigate as part of triage?


12. Which method does an administrator use to integrate all non-native MFA platforms in PAN-OS® software?


13. A speed/duplex negotiation mismatch is between the Palo Alto Networks management port and the switch port which it connects.

How would an administrator configure the interface to 1Gbps?


14. If a template stack is assigned to a device and the stack includes three templates with overlapping settings, which settings are published to the device when the template stack is pushed?


15. Which three settings are defined within the Templates object of Panorama? (Choose three.)


16. Panorama provides which two SD-WAN functions? (Choose two.)



An organization has Palo Alto Networks NGFWs that send logs to remote monitoring and security management platforms. The network team has reported excessive traffic on the corporate WAN.

How could the Palo Alto Networks NGFW administrator reduce WAN traffic while maintaining support for all the existing monitoring/security platforms?


18. Which two events trigger the operation of automatic commit recovery? (Choose two.)



An administrator is using DNAT to map two servers to a single public IP address. Traffic will be steered to the specific server based on the application, where Host A ( receives HTTP traffic and Host B ( receives SSH traffic.

Which two Security policy rules will accomplish this configuration? (Choose two.)


20. An administrator needs to optimize traffic to prefer business-critical applications over non-critical applications. QoS natively integrates with which feature to provide service quality?


21. An administrator cannot see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall. Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the firewall to Panorama?


22. An administrator has been asked to configure a Palo Alto Networks NG1W to provide protection against worms and trojans.

Which Security Profile type will protect against worms and trojans?


Question 1 of 22