New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > Paloalto Networks > Paloalto Certifications and Accreditations > PCNSC

PCNSC Palo Alto Networks Certified Network Security Consultant Question and Answers

Question # 4

Which three file types can be forward to WildMFire for analysis a partof the basic WildMFire service?

A.

.exe

B.

.apk

C.

.dil

D.

.jar

E.

.pdf

F.

.fon

Full Access
Question # 5

A customer wants to combine multiple Ethernet interfaces into a single virtual interface using Link aggregation.

Which two formats are correct for naming aggregate interlaces? (Choose two.)

A.

aggregate.8

B.

ae.8

C.

ae.1

D.

aggregate.1

Full Access
Question # 6

Which PAN-OS® policy must you configure to force a user to provide additional credential before he is allowed to access an internal application that contains highly sensitive business data?

A.

Authentication policy

B.

Decryption policy

C.

Security policy

D.

Application Override policy

Full Access
Question # 7

An administrator is using Panorama and multiple Palo Alto NetworksNGFWs. After upgrading all devices to the latest PAN-OS® software, the administrator enables logs forwarding from the firewalls to panorama Pre-existing logs from the firewall are not appearing in Panorama.

Which action would enables the firewalls to sendtheir preexisting logs to Panorama?

A.

A CLI command will forward the pre-existing logs to Panorama.

B.

Use the import option to pull logs panorama.

C.

Use the ACC to consolidate pre-existing logs.

D.

The- log database will need to be exported from thefirewall and manually imported into Panorama.

Full Access
Question # 8

In High Availability, which information is transferred via the HA data link?

A.

heartbeats

B.

HA state information

C.

session information

D.

User-ID information

Full Access
Question # 9

A firewall administrator has been asked to configure a Palo Alto Networks NGFW to prevent against compromised hosts trying tophone-number or bacon out to eternal command-and-control (C2) servers.

Which Security Profile type will prevent these behaviors?

A.

Vulnerability Protection

B.

Antivirus

C.

Wildfire

D.

Anti-Spyware

Full Access
Question # 10

A Security policy rule is configured with a Vulnerability Protection Profile and an action of Deny".

Which action will this configuration cause on the matched traffic?

A.

The configuration is invalid it will cause the firewall to Skip thisSecurity policy rule A warning will be displayed during a command.

B.

The configuration is valid It will cause the firewall to deny the matched sessions. Any configured Security Profiles have no effect if the Security policy rule action is set to "Deny"

The configuration will allow the matched session unless a vulnerability signature is detected. The "Deny" action will supersede the per. defined, severity defined actions defined in the associated Vulnerability Protection Profile.

C.

The configuration is invalid. The Profile Settings section will be- grayed out when the action is set to "Deny"

Full Access
Question # 11

Which two options prevents the firewall from capturing traffic passing through it? (Choose two.)

A.

The firewall is in milti-vsys mode.

B.

The traffic does not match the packetcapture filter

C.

The traffic is offloaded.

D.

The firewall's DP CPU is higher than 50%

Full Access
Copyright myexamcollection.com. All Right Reserved.