PCNSE paloaltonetworks.com Practice test mockup questions

PCNSE (Palo Alto) Mock-up Test – 3 (Free) (23questions)

Please enter your email:

1. The certificate information displayed in the following image is for which type of certificate?

 
 
 
 

2. Which is not a valid reason for receiving a decrypt-cert-validation error?

 
 
 
 

3. The firewall is not downloading IP addresses from MineMeld. Based on the image, what most likely is wrong?

 
 
 
 

4. Which processing order will be enabled when a Panorama administrator selects the setting “Objects defined in ancestors will take higher precedence?”

 
 
 
 

5. Which three options are supported in HA Lite? (Choose three

 
 
 
 
 

6. Which three split tunnel methods are supported by a GlobalProtect Gateway? (Choose three.)

 

 

 

 

 

 

 
 
 
 
 
 

7. A web server is hosted in the DMZ and the server is configured to listen for incoming connections on TCP port 434. A Security policies rules allowing access from the Trust zone to the DMZ zone needs to be configured to allow web-browsing access. The web server hosts its contents over HTTP(S). Traffic from Trust to DMZ is being decrypted with a Forward Proxy rule.

Which combination of service and application, and order of Security policy rules, needs to be configured to allow cleartext web-browsing traffic to this server on tcp/443?

 
 
 
 

8. Which prerequisite must be satisfied before creating an SSH proxy Decryption policy?

 
 
 
 

9. An administrator Just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user’s knowledge.

What is the expected verdict from WildFire?

 
 
 
 

10. Which will be the egress interface if the traffic’s ingress interface is ethernet1/7 sourcing from 192.168.111. and to the destination 10.46.41.113?

 
 
 
 

11. Which Palo Alto Networks VM-Series firewall is valid?

 
 
 
 

12. Starting with PAN-OS version 9.1, application dependency information is now reported in which two new locations? (Choose two.)

 
 
 
 

13. Which two features can be used to tag a username so that it is included in a dynamic user group? (Choose two.)

 
 
 
 

14. Which two features does PAN-OS® software use to identify applications? (Choose two.)

 
 
 
 

15. Which option describes the operation of the automatic commit recovery feature?

 
 
 
 

16. SD-WAN is designed to support which two network topology types? (Choose two.)

 
 
 
 

17. Which two are valid ACC Global Protect Activity tab widgets? (Choose two.)

 
 
 
 

18. In the following image from Panorama, why are some values shown in red?

 
 
 
 

19. Which three items are important considerations during SD-WAN configuration planning? (Choose three.)

 
 
 
 

20. Which two subscriptions are available when configuring Panorama to push dynamic updates to connected devices? (Choose two.)

 
 
 
 

Question 1 of 20